OpenVPN
socket.c
Go to the documentation of this file.
1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, see <https://www.gnu.org/licenses/>.
21 */
22
23#ifdef HAVE_CONFIG_H
24#include "config.h"
25#endif
26
27#include "syshead.h"
28
29#include "socket.h"
30#include "fdmisc.h"
31#include "misc.h"
32#include "gremlin.h"
33#include "plugin.h"
34#include "ps.h"
35#include "run_command.h"
36#include "manage.h"
37#include "misc.h"
38#include "manage.h"
39#include "openvpn.h"
40#include "forward.h"
41
42#include "memdbg.h"
43
44bool
45sockets_read_residual(const struct context *c)
46{
47 int i;
48
49 for (i = 0; i < c->c1.link_sockets_num; i++)
50 {
51 if (c->c2.link_sockets[i]->stream_buf.residual_fully_formed)
52 {
53 return true;
54 }
55 }
56 return false;
57}
58
59/*
60 * Convert sockflags/getaddr_flags into getaddr_flags
61 */
62static unsigned int
63sf2gaf(const unsigned int getaddr_flags, const unsigned int sockflags)
64{
65 if (sockflags & SF_HOST_RANDOMIZE)
66 {
67 return getaddr_flags | GETADDR_RANDOMIZE;
68 }
69 else
70 {
71 return getaddr_flags;
72 }
73}
74
75#if defined(__GNUC__) || defined(__clang__)
76#pragma GCC diagnostic push
77#pragma GCC diagnostic ignored "-Wconversion"
78#endif
79
80/*
81 * Functions related to the translation of DNS names to IP addresses.
82 */
83static int
84get_addr_generic(sa_family_t af, unsigned int flags, const char *hostname, void *network,
85 unsigned int *netbits, int resolve_retry_seconds, struct signal_info *sig_info,
86 msglvl_t msglevel)
87{
88 char *endp, *sep, *var_host = NULL;
89 struct addrinfo *ai = NULL;
90 unsigned long bits;
91 uint8_t max_bits;
92 int ret = -1;
93
94 if (!hostname)
95 {
96 msg(M_NONFATAL, "Can't resolve null hostname!");
97 goto out;
98 }
99
100 /* assign family specific default values */
101 switch (af)
102 {
103 case AF_INET:
104 bits = 0;
105 max_bits = sizeof(in_addr_t) * 8;
106 break;
107
108 case AF_INET6:
109 bits = 64;
110 max_bits = sizeof(struct in6_addr) * 8;
111 break;
112
113 default:
114 msg(M_WARN, "Unsupported AF family passed to getaddrinfo for %s (%d)", hostname, af);
115 goto out;
116 }
117
118 /* we need to modify the hostname received as input, but we don't want to
119 * touch it directly as it might be a constant string.
120 *
121 * Therefore, we clone the string here and free it at the end of the
122 * function */
123 var_host = strdup(hostname);
124 if (!var_host)
125 {
126 msg(M_NONFATAL | M_ERRNO, "Can't allocate hostname buffer for getaddrinfo");
127 goto out;
128 }
129
130 /* check if this hostname has a /bits suffix */
131 sep = strchr(var_host, '/');
132 if (sep)
133 {
134 bits = strtoul(sep + 1, &endp, 10);
135 if ((*endp != '\0') || (bits > max_bits))
136 {
137 msg(msglevel, "IP prefix '%s': invalid '/bits' spec (%s)", hostname, sep + 1);
138 goto out;
139 }
140 *sep = '\0';
141 }
142
143 ret = openvpn_getaddrinfo(flags & ~GETADDR_HOST_ORDER, var_host, NULL, resolve_retry_seconds,
144 sig_info, af, &ai);
145 if ((ret == 0) && network)
146 {
147 struct in6_addr *ip6;
148 in_addr_t *ip4;
149
150 if (af != ai->ai_family)
151 {
152 msg(msglevel, "Can't parse %s as IPv%d address", var_host, (af == AF_INET) ? 4 : 6);
153 ret = -1;
154 goto out;
155 }
156
157 switch (af)
158 {
159 case AF_INET:
160 ip4 = network;
161 *ip4 = ((struct sockaddr_in *)ai->ai_addr)->sin_addr.s_addr;
162
163 if (flags & GETADDR_HOST_ORDER)
164 {
165 *ip4 = ntohl(*ip4);
166 }
167 break;
168
169 case AF_INET6:
170 ip6 = network;
171 *ip6 = ((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr;
172 break;
173
174 default:
175 /* can't get here because 'af' was previously checked */
176 msg(M_WARN, "Unsupported AF family for %s (%d)", var_host, af);
177 goto out;
178 }
179 }
180
181 if (netbits)
182 {
183 *netbits = bits;
184 }
185
186 /* restore '/' separator, if any */
187 if (sep)
188 {
189 *sep = '/';
190 }
191out:
192 if (ai)
193 {
194 freeaddrinfo(ai);
195 }
196 free(var_host);
197
198 return ret;
199}
200
201in_addr_t
202getaddr(unsigned int flags, const char *hostname, int resolve_retry_seconds, bool *succeeded,
203 struct signal_info *sig_info)
204{
205 in_addr_t addr = { 0 };
206 int status;
207
208 status = get_addr_generic(AF_INET, flags, hostname, &addr, NULL, resolve_retry_seconds,
209 sig_info, M_WARN);
210 if (status == 0)
211 {
212 if (succeeded)
213 {
214 *succeeded = true;
215 }
216 return addr;
217 }
218 else
219 {
220 if (succeeded)
221 {
222 *succeeded = false;
223 }
224 return 0;
225 }
226}
227
228bool
229get_ipv6_addr(const char *hostname, struct in6_addr *network, unsigned int *netbits,
230 msglvl_t msglevel)
231{
232 if (get_addr_generic(AF_INET6, GETADDR_RESOLVE, hostname, network, netbits, 0, NULL, msglevel)
233 < 0)
234 {
235 return false;
236 }
237
238 return true; /* parsing OK, values set */
239}
240
241static inline bool
242streqnull(const char *a, const char *b)
243{
244 if (a == NULL && b == NULL)
245 {
246 return true;
247 }
248 else if (a == NULL || b == NULL)
249 {
250 return false;
251 }
252 else
253 {
254 return streq(a, b);
255 }
256}
257
258/*
259 * get_cached_dns_entry return 0 on success and -1
260 * otherwise. (like getaddrinfo)
261 */
262static int
263get_cached_dns_entry(struct cached_dns_entry *dns_cache, const char *hostname, const char *servname,
264 int ai_family, unsigned int resolve_flags, struct addrinfo **ai)
265{
266 struct cached_dns_entry *ph;
267 unsigned int flags;
268
269 /* Only use flags that are relevant for the structure */
270 flags = resolve_flags & GETADDR_CACHE_MASK;
271
272 for (ph = dns_cache; ph; ph = ph->next)
273 {
274 if (streqnull(ph->hostname, hostname) && streqnull(ph->servname, servname)
275 && ph->ai_family == ai_family && ph->flags == flags)
276 {
277 *ai = ph->ai;
278 return 0;
279 }
280 }
281 return -1;
282}
283
284
285static int
286do_preresolve_host(struct context *c, const char *hostname, const char *servname, const int af,
287 const unsigned int flags)
288{
289 struct addrinfo *ai;
290 int status;
291
292 if (get_cached_dns_entry(c->c1.dns_cache, hostname, servname, af, flags, &ai) == 0)
293 {
294 /* entry already cached, return success */
295 return 0;
296 }
297
298 status = openvpn_getaddrinfo(flags, hostname, servname, c->options.resolve_retry_seconds, NULL,
299 af, &ai);
300 if (status == 0)
301 {
302 struct cached_dns_entry *ph;
303
304 ALLOC_OBJ_CLEAR_GC(ph, struct cached_dns_entry, &c->gc);
305 ph->ai = ai;
306 ph->hostname = hostname;
307 ph->servname = servname;
308 ph->flags = flags & GETADDR_CACHE_MASK;
309
310 if (!c->c1.dns_cache)
311 {
312 c->c1.dns_cache = ph;
313 }
314 else
315 {
316 struct cached_dns_entry *prev = c->c1.dns_cache;
317 while (prev->next)
318 {
319 prev = prev->next;
320 }
321 prev->next = ph;
322 }
323
324 gc_addspecial(ai, &gc_freeaddrinfo_callback, &c->gc);
325 }
326 return status;
327}
328
329void
330do_preresolve(struct context *c)
331{
332 struct connection_list *l = c->options.connection_list;
333 const unsigned int preresolve_flags = GETADDR_RESOLVE | GETADDR_UPDATE_MANAGEMENT_STATE
334 | GETADDR_MENTION_RESOLVE_RETRY | GETADDR_FATAL;
335
336
337 for (int i = 0; i < l->len; ++i)
338 {
339 int status;
340 const char *remote;
341 unsigned int flags = preresolve_flags;
342
343 struct connection_entry *ce = l->array[i];
344
345 if (proto_is_dgram(ce->proto))
346 {
347 flags |= GETADDR_DATAGRAM;
348 }
349
350 if (c->options.sockflags & SF_HOST_RANDOMIZE)
351 {
352 flags |= GETADDR_RANDOMIZE;
353 }
354
355 if (c->options.ip_remote_hint)
356 {
357 remote = c->options.ip_remote_hint;
358 }
359 else
360 {
361 remote = ce->remote;
362 }
363
364 /* HTTP remote hostname does not need to be resolved */
365 if (!ce->http_proxy_options)
366 {
367 status = do_preresolve_host(c, remote, ce->remote_port, ce->af, flags);
368 if (status != 0)
369 {
370 goto err;
371 }
372 }
373
374 /* Preresolve proxy */
375 if (ce->http_proxy_options)
376 {
377 status = do_preresolve_host(c, ce->http_proxy_options->server,
378 ce->http_proxy_options->port, ce->af, preresolve_flags);
379
380 if (status != 0)
381 {
382 goto err;
383 }
384 }
385
386 if (ce->socks_proxy_server)
387 {
388 status =
389 do_preresolve_host(c, ce->socks_proxy_server, ce->socks_proxy_port, ce->af, flags);
390 if (status != 0)
391 {
392 goto err;
393 }
394 }
395
396 if (ce->bind_local)
397 {
398 flags |= GETADDR_PASSIVE;
399 flags &= ~GETADDR_RANDOMIZE;
400
401 for (int j = 0; j < ce->local_list->len; j++)
402 {
403 struct local_entry *le = ce->local_list->array[j];
404
405 if (!le->local)
406 {
407 continue;
408 }
409
410 status = do_preresolve_host(c, le->local, le->port, ce->af, flags);
411 if (status != 0)
412 {
413 goto err;
414 }
415 }
416 }
417 }
418 return;
419
420err:
421 throw_signal_soft(SIGHUP, "Preresolving failed");
422}
423
424static int
425socket_get_sndbuf(socket_descriptor_t sd)
426{
427#if defined(SOL_SOCKET) && defined(SO_SNDBUF)
428 int val;
429 socklen_t len;
430
431 len = sizeof(val);
432 if (getsockopt(sd, SOL_SOCKET, SO_SNDBUF, (void *)&val, &len) == 0 && len == sizeof(val))
433 {
434 return val;
435 }
436#endif
437 return 0;
438}
439
440static void
441socket_set_sndbuf(socket_descriptor_t sd, int size)
442{
443#if defined(SOL_SOCKET) && defined(SO_SNDBUF)
444 if (setsockopt(sd, SOL_SOCKET, SO_SNDBUF, (void *)&size, sizeof(size)) != 0)
445 {
446 msg(M_WARN, "NOTE: setsockopt SO_SNDBUF=%d failed", size);
447 }
448#endif
449}
450
451static int
452socket_get_rcvbuf(socket_descriptor_t sd)
453{
454#if defined(SOL_SOCKET) && defined(SO_RCVBUF)
455 int val;
456 socklen_t len;
457
458 len = sizeof(val);
459 if (getsockopt(sd, SOL_SOCKET, SO_RCVBUF, (void *)&val, &len) == 0 && len == sizeof(val))
460 {
461 return val;
462 }
463#endif
464 return 0;
465}
466
467static bool
468socket_set_rcvbuf(socket_descriptor_t sd, int size)
469{
470#if defined(SOL_SOCKET) && defined(SO_RCVBUF)
471 if (setsockopt(sd, SOL_SOCKET, SO_RCVBUF, (void *)&size, sizeof(size)) != 0)
472 {
473 msg(M_WARN, "NOTE: setsockopt SO_RCVBUF=%d failed", size);
474 return false;
475 }
476 return true;
477#endif
478}
479
480void
481socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs, bool reduce_size)
482{
483 if (sbs)
484 {
485 const int sndbuf_old = socket_get_sndbuf(fd);
486 const int rcvbuf_old = socket_get_rcvbuf(fd);
487
488 if (sbs->sndbuf && (reduce_size || sndbuf_old < sbs->sndbuf))
489 {
490 socket_set_sndbuf(fd, sbs->sndbuf);
491 }
492
493 if (sbs->rcvbuf && (reduce_size || rcvbuf_old < sbs->rcvbuf))
494 {
495 socket_set_rcvbuf(fd, sbs->rcvbuf);
496 }
497
498 msg(D_OSBUF, "Socket Buffers: R=[%d->%d] S=[%d->%d]", rcvbuf_old, socket_get_rcvbuf(fd),
499 sndbuf_old, socket_get_sndbuf(fd));
500 }
501}
502
503/*
504 * Set other socket options
505 */
506
507static bool
508socket_set_tcp_nodelay(socket_descriptor_t sd, int state)
509{
510#if defined(_WIN32) || (defined(IPPROTO_TCP) && defined(TCP_NODELAY))
511 if (setsockopt(sd, IPPROTO_TCP, TCP_NODELAY, (void *)&state, sizeof(state)) != 0)
512 {
513 msg(M_WARN, "NOTE: setsockopt TCP_NODELAY=%d failed", state);
514 return false;
515 }
516 else
517 {
518 dmsg(D_OSBUF, "Socket flags: TCP_NODELAY=%d succeeded", state);
519 return true;
520 }
521#else /* if defined(_WIN32) || (defined(IPPROTO_TCP) && defined(TCP_NODELAY)) */
522 msg(M_WARN, "NOTE: setsockopt TCP_NODELAY=%d failed (No kernel support)", state);
523 return false;
524#endif
525}
526
527static inline void
528socket_set_mark(socket_descriptor_t sd, int mark)
529{
530#if defined(TARGET_LINUX)
531 if (mark && setsockopt(sd, SOL_SOCKET, SO_MARK, (void *)&mark, sizeof(mark)) != 0)
532 {
533 msg(M_WARN, "NOTE: setsockopt SO_MARK=%d failed", mark);
534 }
535#endif
536}
537
538static bool
539socket_set_flags(socket_descriptor_t sd, unsigned int sockflags)
540{
541 /* SF_TCP_NODELAY doesn't make sense for dco-win */
542 if ((sockflags & SF_TCP_NODELAY) && (!(sockflags & SF_DCO_WIN)))
543 {
544 return socket_set_tcp_nodelay(sd, 1);
545 }
546 else
547 {
548 return true;
549 }
550}
551
552bool
553link_socket_update_flags(struct link_socket *sock, unsigned int sockflags)
554{
555 if (sock && socket_defined(sock->sd))
556 {
557 sock->sockflags |= sockflags;
558 return socket_set_flags(sock->sd, sock->sockflags);
559 }
560 else
561 {
562 return false;
563 }
564}
565
566void
567link_socket_update_buffer_sizes(struct link_socket *sock, int rcvbuf, int sndbuf)
568{
569 if (sock && socket_defined(sock->sd))
570 {
571 sock->socket_buffer_sizes.sndbuf = sndbuf;
572 sock->socket_buffer_sizes.rcvbuf = rcvbuf;
573 socket_set_buffers(sock->sd, &sock->socket_buffer_sizes, true);
574 }
575}
576
577/*
578 * SOCKET INITIALIZATION CODE.
579 * Create a TCP/UDP socket
580 */
581
582socket_descriptor_t
583create_socket_tcp(struct addrinfo *addrinfo)
584{
585 socket_descriptor_t sd;
586
587 ASSERT(addrinfo);
588 ASSERT(addrinfo->ai_socktype == SOCK_STREAM);
589
590 if ((sd = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol))
591 == SOCKET_UNDEFINED)
592 {
593 msg(M_ERR, "Cannot create TCP socket");
594 }
595
596#ifndef _WIN32 /* using SO_REUSEADDR on Windows will cause bind to succeed on port conflicts! */
597 /* set SO_REUSEADDR on socket */
598 {
599 int on = 1;
600 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)) < 0)
601 {
602 msg(M_ERR, "TCP: Cannot setsockopt SO_REUSEADDR on TCP socket");
603 }
604 }
605#endif
606
607 /* set socket file descriptor to not pass across execs, so that
608 * scripts don't have access to it */
609 set_cloexec(sd);
610
611 return sd;
612}
613
614static socket_descriptor_t
615create_socket_udp(struct addrinfo *addrinfo, const unsigned int flags)
616{
617 socket_descriptor_t sd;
618
619 ASSERT(addrinfo);
620 ASSERT(addrinfo->ai_socktype == SOCK_DGRAM);
621
622 if ((sd = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol))
623 == SOCKET_UNDEFINED)
624 {
625 msg(M_ERR, "UDP: Cannot create UDP/UDP6 socket");
626 }
627#if ENABLE_IP_PKTINFO
628 else if (flags & SF_USE_IP_PKTINFO)
629 {
630 int pad = 1;
631 if (addrinfo->ai_family == AF_INET)
632 {
633#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
634 if (setsockopt(sd, SOL_IP, IP_PKTINFO, (void *)&pad, sizeof(pad)) < 0)
635 {
636 msg(M_ERR, "UDP: failed setsockopt for IP_PKTINFO");
637 }
638#elif defined(IP_RECVDSTADDR)
639 if (setsockopt(sd, IPPROTO_IP, IP_RECVDSTADDR, (void *)&pad, sizeof(pad)) < 0)
640 {
641 msg(M_ERR, "UDP: failed setsockopt for IP_RECVDSTADDR");
642 }
643#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
644#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
645#endif
646 }
647 else if (addrinfo->ai_family == AF_INET6)
648 {
649#ifndef IPV6_RECVPKTINFO /* Some older Darwin platforms require this */
650 if (setsockopt(sd, IPPROTO_IPV6, IPV6_PKTINFO, (void *)&pad, sizeof(pad)) < 0)
651#else
652 if (setsockopt(sd, IPPROTO_IPV6, IPV6_RECVPKTINFO, (void *)&pad, sizeof(pad)) < 0)
653#endif
654 {
655 msg(M_ERR, "UDP: failed setsockopt for IPV6_RECVPKTINFO");
656 }
657 }
658 }
659#endif /* if ENABLE_IP_PKTINFO */
660
661 /* set socket file descriptor to not pass across execs, so that
662 * scripts don't have access to it */
663 set_cloexec(sd);
664
665 return sd;
666}
667
668static void
669bind_local(struct link_socket *sock, const sa_family_t ai_family)
670{
671 /* bind to local address/port */
672 if (sock->bind_local)
673 {
674 if (sock->socks_proxy && sock->info.proto == PROTO_UDP)
675 {
676 socket_bind(sock->ctrl_sd, sock->info.lsa->bind_local, ai_family, "SOCKS", false);
677 }
678 else
679 {
680 socket_bind(sock->sd, sock->info.lsa->bind_local, ai_family, "TCP/UDP",
681 sock->info.bind_ipv6_only);
682 }
683 }
684}
685
686static void
687create_socket(struct link_socket *sock, struct addrinfo *addr)
688{
689 if (addr->ai_protocol == IPPROTO_UDP || addr->ai_socktype == SOCK_DGRAM)
690 {
691 sock->sd = create_socket_udp(addr, sock->sockflags);
692 sock->sockflags |= SF_GETADDRINFO_DGRAM;
693
694 /* Assume that control socket and data socket to the socks proxy
695 * are using the same IP family */
696 if (sock->socks_proxy)
697 {
698 /* Construct a temporary addrinfo to create the socket,
699 * currently resolve two remote addresses is not supported,
700 * TODO: Rewrite the whole resolve_remote */
701 struct addrinfo addrinfo_tmp = *addr;
702 addrinfo_tmp.ai_socktype = SOCK_STREAM;
703 addrinfo_tmp.ai_protocol = IPPROTO_TCP;
704 sock->ctrl_sd = create_socket_tcp(&addrinfo_tmp);
705 }
706 }
707 else if (addr->ai_protocol == IPPROTO_TCP || addr->ai_socktype == SOCK_STREAM)
708 {
709 sock->sd = create_socket_tcp(addr);
710 }
711 else
712 {
713 ASSERT(0);
714 }
715 /* Set af field of sock->info, so it always reflects the address family
716 * of the created socket */
717 sock->info.af = addr->ai_family;
718
719 /* set socket buffers based on --sndbuf and --rcvbuf options */
720 socket_set_buffers(sock->sd, &sock->socket_buffer_sizes, true);
721
722 /* set socket to --mark packets with given value */
723 socket_set_mark(sock->sd, sock->mark);
724
725#if defined(TARGET_LINUX)
726 if (sock->bind_dev)
727 {
728 msg(M_INFO, "Using bind-dev %s", sock->bind_dev);
729 if (setsockopt(sock->sd, SOL_SOCKET, SO_BINDTODEVICE, sock->bind_dev,
730 strlen(sock->bind_dev) + 1)
731 != 0)
732 {
733 msg(M_WARN | M_ERRNO, "WARN: setsockopt SO_BINDTODEVICE=%s failed", sock->bind_dev);
734 }
735 }
736#endif
737
738 bind_local(sock, addr->ai_family);
739}
740
741#ifdef TARGET_ANDROID
742static void
743protect_fd_nonlocal(int fd, const struct sockaddr *addr)
744{
745 if (!management)
746 {
747 msg(M_FATAL, "Required management interface not available.");
748 }
749
750 /* pass socket FD to management interface to pass on to VPNService API
751 * as "protected socket" (exempt from being routed into tunnel)
752 */
753 if (addr_local(addr))
754 {
755 msg(D_SOCKET_DEBUG, "Address is local, not protecting socket fd %d", fd);
756 return;
757 }
758
759 msg(D_SOCKET_DEBUG, "Protecting socket fd %d", fd);
760 management->connection.fdtosend = fd;
761 management_android_control(management, "PROTECTFD", __func__);
762}
763#endif
764
765/*
766 * Functions used for establishing a TCP stream connection.
767 */
768static void
769socket_do_listen(socket_descriptor_t sd, const struct addrinfo *local, bool do_listen,
770 bool do_set_nonblock)
771{
772 struct gc_arena gc = gc_new();
773 if (do_listen)
774 {
775 ASSERT(local);
776 msg(M_INFO, "Listening for incoming TCP connection on %s",
777 print_sockaddr(local->ai_addr, &gc));
778 if (listen(sd, 32))
779 {
780 msg(M_ERR, "TCP: listen() failed");
781 }
782 }
783
784 /* set socket to non-blocking mode */
785 if (do_set_nonblock)
786 {
787 set_nonblock(sd);
788 }
789
790 gc_free(&gc);
791}
792
793socket_descriptor_t
794socket_do_accept(socket_descriptor_t sd, struct link_socket_actual *act, const bool nowait)
795{
796 /* af_addr_size WILL return 0 in this case if AFs other than AF_INET
797 * are compiled because act is empty here.
798 * could use getsockname() to support later remote_len check
799 */
800 socklen_t remote_len_af = af_addr_size(act->dest.addr.sa.sa_family);
801 socklen_t remote_len = sizeof(act->dest.addr);
802 socket_descriptor_t new_sd = SOCKET_UNDEFINED;
803
804 CLEAR(*act);
805
806 if (nowait)
807 {
808 new_sd = getpeername(sd, &act->dest.addr.sa, &remote_len);
809
810 if (!socket_defined(new_sd))
811 {
812 msg(D_LINK_ERRORS | M_ERRNO, "TCP: getpeername() failed");
813 }
814 else
815 {
816 new_sd = sd;
817 }
818 }
819 else
820 {
821 new_sd = accept(sd, &act->dest.addr.sa, &remote_len);
822 }
823
824#if 0 /* For debugging only, test the effect of accept() failures */
825 {
826 static int foo = 0;
827 ++foo;
828 if (foo & 1)
829 {
830 new_sd = -1;
831 }
832 }
833#endif
834
835 if (!socket_defined(new_sd))
836 {
837 msg(D_LINK_ERRORS | M_ERRNO, "TCP: accept(%d) failed", (int)sd);
838 }
839 /* only valid if we have remote_len_af!=0 */
840 else if (remote_len_af && remote_len != remote_len_af)
841 {
842 msg(D_LINK_ERRORS,
843 "TCP: Received strange incoming connection with unknown address length=%d", remote_len);
844 openvpn_close_socket(new_sd);
845 new_sd = SOCKET_UNDEFINED;
846 }
847 else
848 {
849 /* set socket file descriptor to not pass across execs, so that
850 * scripts don't have access to it */
851 set_cloexec(new_sd);
852 }
853 return new_sd;
854}
855
856static void
857tcp_connection_established(const struct link_socket_actual *act)
858{
859 struct gc_arena gc = gc_new();
860 msg(M_INFO, "TCP connection established with %s", print_link_socket_actual(act, &gc));
861 gc_free(&gc);
862}
863
864#if defined(__GNUC__) || defined(__clang__)
865#pragma GCC diagnostic pop
866#endif
867
868static socket_descriptor_t
869socket_listen_accept(socket_descriptor_t sd, struct link_socket_actual *act,
870 const char *remote_dynamic, const struct addrinfo *local, bool do_listen,
871 bool nowait, volatile int *signal_received)
872{
873 struct gc_arena gc = gc_new();
874 /* struct openvpn_sockaddr *remote = &act->dest; */
875 struct openvpn_sockaddr remote_verify = act->dest;
876 socket_descriptor_t new_sd = SOCKET_UNDEFINED;
877
878 CLEAR(*act);
879 socket_do_listen(sd, local, do_listen, true);
880
881 while (true)
882 {
883 int status;
884 fd_set reads;
885 struct timeval tv;
886
887 FD_ZERO(&reads);
888 openvpn_fd_set(sd, &reads);
889 tv.tv_sec = 0;
890 tv.tv_usec = 0;
891
892 status = openvpn_select(sd + 1, &reads, NULL, NULL, &tv);
893
894 get_signal(signal_received);
895 if (*signal_received)
896 {
897 gc_free(&gc);
898 return sd;
899 }
900
901 if (status < 0)
902 {
903 msg(D_LINK_ERRORS | M_ERRNO, "TCP: select() failed");
904 }
905
906 if (status <= 0)
907 {
908 management_sleep(1);
909 continue;
910 }
911
912 new_sd = socket_do_accept(sd, act, nowait);
913
914 if (socket_defined(new_sd))
915 {
916 struct addrinfo *ai = NULL;
917 if (remote_dynamic)
918 {
919 openvpn_getaddrinfo(0, remote_dynamic, NULL, 1, NULL,
920 remote_verify.addr.sa.sa_family, &ai);
921 }
922
923 if (ai && !addrlist_match(&remote_verify, ai))
924 {
925 msg(M_WARN, "TCP NOTE: Rejected connection attempt from %s due to --remote setting",
926 print_link_socket_actual(act, &gc));
927 if (openvpn_close_socket(new_sd))
928 {
929 msg(M_ERR, "TCP: close socket failed (new_sd)");
930 }
931 freeaddrinfo(ai);
932 }
933 else
934 {
935 if (ai)
936 {
937 freeaddrinfo(ai);
938 }
939 break;
940 }
941 }
942 management_sleep(1);
943 }
944
945 if (!nowait && openvpn_close_socket(sd))
946 {
947 msg(M_ERR, "TCP: close socket failed (sd)");
948 }
949
950 tcp_connection_established(act);
951
952 gc_free(&gc);
953 return new_sd;
954}
955
956void
957socket_bind(socket_descriptor_t sd, struct addrinfo *local, int ai_family, const char *prefix,
958 bool ipv6only)
959{
960 struct gc_arena gc = gc_new();
961
962 /* FIXME (schwabe)
963 * getaddrinfo for the bind address might return multiple AF_INET/AF_INET6
964 * entries for the requested protocol.
965 * For example if an address has multiple A records
966 * What is the correct way to deal with it?
967 */
968
969 struct addrinfo *cur;
970
971 ASSERT(local);
972
973
974 /* find the first addrinfo with correct ai_family */
975 for (cur = local; cur; cur = cur->ai_next)
976 {
977 if (cur->ai_family == ai_family)
978 {
979 break;
980 }
981 }
982 if (!cur)
983 {
984 msg(M_FATAL, "%s: Socket bind failed: Addr to bind has no %s record", prefix,
985 addr_family_name(ai_family));
986 }
987
988 if (ai_family == AF_INET6)
989 {
990 int v6only = ipv6only ? 1 : 0; /* setsockopt must have an "int" */
991
992 msg(M_INFO, "setsockopt(IPV6_V6ONLY=%d)", v6only);
993 if (setsockopt(sd, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&v6only, sizeof(v6only)))
994 {
995 msg(M_NONFATAL | M_ERRNO, "Setting IPV6_V6ONLY=%d failed", v6only);
996 }
997 }
998 if (openvpn_bind(sd, cur->ai_addr, cur->ai_addrlen))
999 {
1000 msg(M_FATAL | M_ERRNO, "%s: Socket bind failed on local address %s", prefix,
1001 print_sockaddr_ex(local->ai_addr, ":", PS_SHOW_PORT, &gc));
1002 }
1003 gc_free(&gc);
1004}
1005
1006int
1007openvpn_connect(socket_descriptor_t sd, const struct sockaddr *remote, int connect_timeout,
1008 volatile int *signal_received)
1009{
1010 int status = 0;
1011
1012#ifdef TARGET_ANDROID
1013 protect_fd_nonlocal(sd, remote);
1014#endif
1015 set_nonblock(sd);
1016 status = connect(sd, remote, af_addr_size(remote->sa_family));
1017 if (status)
1018 {
1019 status = openvpn_errno();
1020 }
1021 if (
1022#ifdef _WIN32
1023 status == WSAEWOULDBLOCK
1024#else
1025 status == EINPROGRESS
1026#endif
1027 )
1028 {
1029 while (true)
1030 {
1031#if POLL
1032 struct pollfd fds[1];
1033 fds[0].fd = sd;
1034 fds[0].events = POLLOUT;
1035 status = poll(fds, 1, (connect_timeout > 0) ? 1000 : 0);
1036#else
1037 fd_set writes;
1038 struct timeval tv;
1039
1040 FD_ZERO(&writes);
1041 openvpn_fd_set(sd, &writes);
1042 tv.tv_sec = (connect_timeout > 0) ? 1 : 0;
1043 tv.tv_usec = 0;
1044
1045 status = openvpn_select(sd + 1, NULL, &writes, NULL, &tv);
1046#endif
1047 if (signal_received)
1048 {
1049 get_signal(signal_received);
1050 if (*signal_received)
1051 {
1052 status = 0;
1053 break;
1054 }
1055 }
1056 if (status < 0)
1057 {
1058 status = openvpn_errno();
1059 break;
1060 }
1061 if (status <= 0)
1062 {
1063 if (--connect_timeout < 0)
1064 {
1065#ifdef _WIN32
1066 status = WSAETIMEDOUT;
1067#else
1068 status = ETIMEDOUT;
1069#endif
1070 break;
1071 }
1072 management_sleep(0);
1073 continue;
1074 }
1075
1076 /* got it */
1077 {
1078 int val = 0;
1079 socklen_t len;
1080
1081 len = sizeof(val);
1082 if (getsockopt(sd, SOL_SOCKET, SO_ERROR, (void *)&val, &len) == 0
1083 && len == sizeof(val))
1084 {
1085 status = val;
1086 }
1087 else
1088 {
1089 status = openvpn_errno();
1090 }
1091 break;
1092 }
1093 }
1094 }
1095
1096 return status;
1097}
1098
1099void
1100set_actual_address(struct link_socket_actual *actual, struct addrinfo *ai)
1101{
1102 CLEAR(*actual);
1103 ASSERT(ai);
1104
1105 if (ai->ai_family == AF_INET)
1106 {
1107 actual->dest.addr.in4 = *((struct sockaddr_in *)ai->ai_addr);
1108 }
1109 else if (ai->ai_family == AF_INET6)
1110 {
1111 actual->dest.addr.in6 = *((struct sockaddr_in6 *)ai->ai_addr);
1112 }
1113 else
1114 {
1115 ASSERT(0);
1116 }
1117}
1118
1119static void
1120socket_connect(socket_descriptor_t *sd, const struct sockaddr *dest, const int connect_timeout,
1121 struct signal_info *sig_info)
1122{
1123 struct gc_arena gc = gc_new();
1124 int status;
1125
1126 msg(M_INFO, "Attempting to establish TCP connection with %s", print_sockaddr(dest, &gc));
1127
1128#ifdef ENABLE_MANAGEMENT
1129 if (management)
1130 {
1131 management_set_state(management, OPENVPN_STATE_TCP_CONNECT, NULL, NULL, NULL, NULL, NULL);
1132 }
1133#endif
1134
1135 /* Set the actual address */
1136 status = openvpn_connect(*sd, dest, connect_timeout, &sig_info->signal_received);
1137
1138 get_signal(&sig_info->signal_received);
1139 if (sig_info->signal_received)
1140 {
1141 goto done;
1142 }
1143
1144 if (status)
1145 {
1146 msg(D_LINK_ERRORS, "TCP: connect to %s failed: %s", print_sockaddr(dest, &gc),
1147 strerror(status));
1148
1149 openvpn_close_socket(*sd);
1150 *sd = SOCKET_UNDEFINED;
1151 register_signal(sig_info, SIGUSR1, "connection-failed");
1152 }
1153 else
1154 {
1155 msg(M_INFO, "TCP connection established with %s", print_sockaddr(dest, &gc));
1156 }
1157
1158done:
1159 gc_free(&gc);
1160}
1161
1162/*
1163 * Stream buffer handling prototypes -- stream_buf is a helper class
1164 * to assist in the packetization of stream transport protocols
1165 * such as TCP.
1166 */
1167
1168static void stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags,
1169 const int proto);
1170
1171static void stream_buf_close(struct stream_buf *sb);
1172
1173static bool stream_buf_added(struct stream_buf *sb, int length_added);
1174
1175/* For stream protocols, allocate a buffer to build up packet.
1176 * Called after frame has been finalized. */
1177
1178static void
1179socket_frame_init(const struct frame *frame, struct link_socket *sock)
1180{
1181#ifdef _WIN32
1182 overlapped_io_init(&sock->reads, frame, FALSE);
1183 overlapped_io_init(&sock->writes, frame, TRUE);
1184 sock->rw_handle.read = sock->reads.overlapped.hEvent;
1185 sock->rw_handle.write = sock->writes.overlapped.hEvent;
1186#endif
1187
1188 if (link_socket_connection_oriented(sock))
1189 {
1190#ifdef _WIN32
1191 stream_buf_init(&sock->stream_buf, &sock->reads.buf_init, sock->sockflags,
1192 sock->info.proto);
1193#else
1194 alloc_buf_sock_tun(&sock->stream_buf_data, frame);
1195
1196 stream_buf_init(&sock->stream_buf, &sock->stream_buf_data, sock->sockflags,
1197 sock->info.proto);
1198#endif
1199 }
1200}
1201
1202#if defined(__GNUC__) || defined(__clang__)
1203#pragma GCC diagnostic push
1204#pragma GCC diagnostic ignored "-Wconversion"
1205#endif
1206
1207static void
1208resolve_bind_local(struct link_socket *sock, const sa_family_t af)
1209{
1210 struct gc_arena gc = gc_new();
1211
1212 /* resolve local address if undefined */
1213 if (!sock->info.lsa->bind_local)
1214 {
1215 unsigned int flags = GETADDR_RESOLVE | GETADDR_WARN_ON_SIGNAL | GETADDR_FATAL | GETADDR_PASSIVE;
1216 int status;
1217
1218 if (proto_is_dgram(sock->info.proto))
1219 {
1220 flags |= GETADDR_DATAGRAM;
1221 }
1222
1223 /* will return AF_{INET|INET6}from local_host */
1224 status = get_cached_dns_entry(sock->dns_cache, sock->local_host, sock->local_port, af,
1225 flags, &sock->info.lsa->bind_local);
1226
1227 if (status)
1228 {
1229 status = openvpn_getaddrinfo(flags, sock->local_host, sock->local_port, 0, NULL, af,
1230 &sock->info.lsa->bind_local);
1231 }
1232
1233 if (status != 0)
1234 {
1235 msg(M_FATAL, "getaddrinfo() failed for local \"%s:%s\": %s", sock->local_host,
1236 sock->local_port, gai_strerror(status));
1237 }
1238
1239 /* the address family returned by openvpn_getaddrinfo() should be
1240 * taken into consideration only if we really passed an hostname
1241 * to resolve. Otherwise its value is not useful to us and may
1242 * actually break our socket, i.e. when it returns AF_INET
1243 * but our remote is v6 only.
1244 */
1245 if (sock->local_host)
1246 {
1247 /* the resolved 'local entry' might have a different family than
1248 * what was globally configured
1249 */
1250 sock->info.af = sock->info.lsa->bind_local->ai_family;
1251 }
1252 }
1253
1254 gc_free(&gc);
1255}
1256
1257static void
1258resolve_remote(struct link_socket *sock, int phase, const char **remote_dynamic,
1259 struct signal_info *sig_info)
1260{
1261 volatile int *signal_received = sig_info ? &sig_info->signal_received : NULL;
1262 struct gc_arena gc = gc_new();
1263
1264 /* resolve remote address if undefined */
1265 if (!sock->info.lsa->remote_list)
1266 {
1267 if (sock->remote_host)
1268 {
1269 unsigned int flags =
1270 sf2gaf(GETADDR_RESOLVE | GETADDR_UPDATE_MANAGEMENT_STATE, sock->sockflags);
1271 int retry = 0;
1272 int status = -1;
1273 struct addrinfo *ai;
1274 if (proto_is_dgram(sock->info.proto))
1275 {
1276 flags |= GETADDR_DATAGRAM;
1277 }
1278
1279 if (sock->resolve_retry_seconds == RESOLV_RETRY_INFINITE)
1280 {
1281 if (phase == 2)
1282 {
1283 flags |= (GETADDR_TRY_ONCE | GETADDR_FATAL);
1284 }
1285 retry = 0;
1286 }
1287 else if (phase == 1)
1288 {
1289 if (sock->resolve_retry_seconds)
1290 {
1291 retry = 0;
1292 }
1293 else
1294 {
1295 flags |= (GETADDR_FATAL | GETADDR_MENTION_RESOLVE_RETRY);
1296 retry = 0;
1297 }
1298 }
1299 else if (phase == 2)
1300 {
1301 if (sock->resolve_retry_seconds)
1302 {
1303 flags |= GETADDR_FATAL;
1304 retry = sock->resolve_retry_seconds;
1305 }
1306 else
1307 {
1308 ASSERT(0);
1309 }
1310 }
1311 else
1312 {
1313 ASSERT(0);
1314 }
1315
1316
1317 status = get_cached_dns_entry(sock->dns_cache, sock->remote_host, sock->remote_port,
1318 sock->info.af, flags, &ai);
1319 if (status)
1320 {
1321 status = openvpn_getaddrinfo(flags, sock->remote_host, sock->remote_port, retry,
1322 sig_info, sock->info.af, &ai);
1323 }
1324
1325 if (status == 0)
1326 {
1327 sock->info.lsa->remote_list = ai;
1328 sock->info.lsa->current_remote = ai;
1329
1330 dmsg(D_SOCKET_DEBUG, "RESOLVE_REMOTE flags=0x%04x phase=%d rrs=%d sig=%d status=%d",
1331 flags, phase, retry, signal_received ? *signal_received : -1, status);
1332 }
1333 if (signal_received && *signal_received)
1334 {
1335 goto done;
1336 }
1337 if (status != 0)
1338 {
1339 if (signal_received)
1340 {
1341 /* potential overwrite of signal */
1342 register_signal(sig_info, SIGUSR1, "socks-resolve-failure");
1343 }
1344 goto done;
1345 }
1346 }
1347 }
1348
1349 /* should we re-use previous active remote address? */
1350 if (link_socket_actual_defined(&sock->info.lsa->actual))
1351 {
1352 msg(M_INFO, "TCP/UDP: Preserving recently used remote address: %s",
1353 print_link_socket_actual(&sock->info.lsa->actual, &gc));
1354 if (remote_dynamic)
1355 {
1356 *remote_dynamic = NULL;
1357 }
1358 }
1359 else
1360 {
1361 CLEAR(sock->info.lsa->actual);
1362 if (sock->info.lsa->current_remote)
1363 {
1364 set_actual_address(&sock->info.lsa->actual, sock->info.lsa->current_remote);
1365 }
1366 }
1367
1368done:
1369 gc_free(&gc);
1370}
1371
1372
1373struct link_socket *
1374link_socket_new(void)
1375{
1376 struct link_socket *sock;
1377
1378 ALLOC_OBJ_CLEAR(sock, struct link_socket);
1379 sock->sd = SOCKET_UNDEFINED;
1380 sock->ctrl_sd = SOCKET_UNDEFINED;
1381 sock->ev_arg.type = EVENT_ARG_LINK_SOCKET;
1382 sock->ev_arg.u.sock = sock;
1383
1384 return sock;
1385}
1386
1387void
1388link_socket_init_phase1(struct context *c, int sock_index, int mode)
1389{
1390 struct link_socket *sock = c->c2.link_sockets[sock_index];
1391 struct options *o = &c->options;
1392 ASSERT(sock);
1393
1394 const char *host = o->ce.local_list->array[sock_index]->local;
1395 const char *port = o->ce.local_list->array[sock_index]->port;
1396 int proto = o->ce.local_list->array[sock_index]->proto;
1397 const char *remote_host = o->ce.remote;
1398 const char *remote_port = o->ce.remote_port;
1399
1400 if (remote_host)
1401 {
1402 proto = o->ce.proto;
1403 }
1404
1405 if (c->mode == CM_CHILD_TCP || c->mode == CM_CHILD_UDP)
1406 {
1407 struct link_socket *tmp_sock = NULL;
1408 if (c->mode == CM_CHILD_TCP)
1409 {
1410 tmp_sock = (struct link_socket *)c->c2.accept_from;
1411 }
1412 else if (c->mode == CM_CHILD_UDP)
1413 {
1414 tmp_sock = c->c2.link_sockets[0];
1415 }
1416
1417 host = tmp_sock->local_host;
1418 port = tmp_sock->local_port;
1419 proto = tmp_sock->info.proto;
1420 }
1421
1422 sock->local_host = host;
1423 sock->local_port = port;
1424 sock->remote_host = remote_host;
1425 sock->remote_port = remote_port;
1426 sock->dns_cache = c->c1.dns_cache;
1427 sock->http_proxy = c->c1.http_proxy;
1428 sock->socks_proxy = c->c1.socks_proxy;
1429 sock->bind_local = o->ce.bind_local;
1430 sock->resolve_retry_seconds = o->resolve_retry_seconds;
1431 sock->mtu_discover_type = o->ce.mtu_discover_type;
1432
1433#ifdef ENABLE_DEBUG
1434 sock->gremlin = o->gremlin;
1435#endif
1436
1437 sock->socket_buffer_sizes.rcvbuf = o->rcvbuf;
1438 sock->socket_buffer_sizes.sndbuf = o->sndbuf;
1439
1440 sock->sockflags = o->sockflags;
1441
1442#if PORT_SHARE
1443 if (o->port_share_host && o->port_share_port)
1444 {
1445 sock->sockflags |= SF_PORT_SHARE;
1446 }
1447#endif
1448
1449 sock->mark = o->mark;
1450 sock->bind_dev = o->bind_dev;
1451 sock->info.proto = proto;
1452 sock->info.af = o->ce.af;
1453 sock->info.remote_float = o->ce.remote_float;
1454 sock->info.lsa = &c->c1.link_socket_addrs[sock_index];
1455 sock->info.bind_ipv6_only = o->ce.bind_ipv6_only;
1456 sock->info.ipchange_command = o->ipchange;
1457 sock->info.plugins = c->plugins;
1458 sock->server_poll_timeout = &c->c2.server_poll_interval;
1459
1460 sock->mode = mode;
1461 if (mode == LS_MODE_TCP_ACCEPT_FROM)
1462 {
1463 ASSERT(c->c2.accept_from);
1464 ASSERT(sock->info.proto == PROTO_TCP_SERVER);
1465 sock->sd = c->c2.accept_from->sd;
1466 /* inherit (possibly guessed) info AF from parent context */
1467 sock->info.af = c->c2.accept_from->info.af;
1468 }
1469
1470 /* are we running in HTTP proxy mode? */
1471 if (sock->http_proxy)
1472 {
1473 ASSERT(sock->info.proto == PROTO_TCP_CLIENT);
1474
1475 /* the proxy server */
1476 sock->remote_host = c->c1.http_proxy->options.server;
1477 sock->remote_port = c->c1.http_proxy->options.port;
1478
1479 /* the OpenVPN server we will use the proxy to connect to */
1480 sock->proxy_dest_host = remote_host;
1481 sock->proxy_dest_port = remote_port;
1482 }
1483 /* or in Socks proxy mode? */
1484 else if (sock->socks_proxy)
1485 {
1486 /* the proxy server */
1487 sock->remote_host = c->c1.socks_proxy->server;
1488 sock->remote_port = c->c1.socks_proxy->port;
1489
1490 /* the OpenVPN server we will use the proxy to connect to */
1491 sock->proxy_dest_host = remote_host;
1492 sock->proxy_dest_port = remote_port;
1493 }
1494 else
1495 {
1496 sock->remote_host = remote_host;
1497 sock->remote_port = remote_port;
1498 }
1499
1500 /* bind behavior for TCP server vs. client */
1501 if (sock->info.proto == PROTO_TCP_SERVER)
1502 {
1503 if (sock->mode == LS_MODE_TCP_ACCEPT_FROM)
1504 {
1505 sock->bind_local = false;
1506 }
1507 else
1508 {
1509 sock->bind_local = true;
1510 }
1511 }
1512
1513 if (mode != LS_MODE_TCP_ACCEPT_FROM)
1514 {
1515 if (sock->bind_local)
1516 {
1517 resolve_bind_local(sock, sock->info.af);
1518 }
1519 resolve_remote(sock, 1, NULL, NULL);
1520 }
1521}
1522
1523static void
1524phase2_set_socket_flags(struct link_socket *sock)
1525{
1526 /* set misc socket parameters */
1527 socket_set_flags(sock->sd, sock->sockflags);
1528
1529 /* set socket to non-blocking mode */
1530 set_nonblock(sock->sd);
1531
1532 /* set Path MTU discovery options on the socket */
1533 set_mtu_discover_type(sock->sd, sock->mtu_discover_type, sock->info.af);
1534
1535#if EXTENDED_SOCKET_ERROR_CAPABILITY
1536 /* if the OS supports it, enable extended error passing on the socket */
1537 set_sock_extended_error_passing(sock->sd, sock->info.af);
1538#endif
1539}
1540
1541
1542static void
1543linksock_print_addr(struct link_socket *sock)
1544{
1545 struct gc_arena gc = gc_new();
1546 const msglvl_t msglevel = (sock->mode == LS_MODE_TCP_ACCEPT_FROM) ? D_INIT_MEDIUM : M_INFO;
1547
1548 /* print local address */
1549 if (sock->bind_local)
1550 {
1551 sa_family_t ai_family = sock->info.lsa->actual.dest.addr.sa.sa_family;
1552 /* Socket is always bound on the first matching address,
1553 * For bound sockets with no remote addr this is the element of
1554 * the list */
1555 struct addrinfo *cur;
1556 for (cur = sock->info.lsa->bind_local; cur; cur = cur->ai_next)
1557 {
1558 if (!ai_family || ai_family == cur->ai_family)
1559 {
1560 break;
1561 }
1562 }
1563 ASSERT(cur);
1564 msg(msglevel, "%s link local (bound): %s",
1565 proto2ascii(sock->info.proto, sock->info.af, true), print_sockaddr(cur->ai_addr, &gc));
1566 }
1567 else
1568 {
1569 msg(msglevel, "%s link local: (not bound)",
1570 proto2ascii(sock->info.proto, sock->info.af, true));
1571 }
1572
1573 /* print active remote address */
1574 msg(msglevel, "%s link remote: %s", proto2ascii(sock->info.proto, sock->info.af, true),
1575 print_link_socket_actual_ex(&sock->info.lsa->actual, ":", PS_SHOW_PORT_IF_DEFINED, &gc));
1576 gc_free(&gc);
1577}
1578
1579static void
1580phase2_tcp_server(struct link_socket *sock, const char *remote_dynamic,
1581 struct signal_info *sig_info)
1582{
1583 ASSERT(sig_info);
1584 volatile int *signal_received = &sig_info->signal_received;
1585 switch (sock->mode)
1586 {
1587 case LS_MODE_DEFAULT:
1588 sock->sd =
1589 socket_listen_accept(sock->sd, &sock->info.lsa->actual, remote_dynamic,
1590 sock->info.lsa->bind_local, true, false, signal_received);
1591 break;
1592
1593 case LS_MODE_TCP_LISTEN:
1594 socket_do_listen(sock->sd, sock->info.lsa->bind_local, true, false);
1595 break;
1596
1597 case LS_MODE_TCP_ACCEPT_FROM:
1598 sock->sd = socket_do_accept(sock->sd, &sock->info.lsa->actual, false);
1599 if (!socket_defined(sock->sd))
1600 {
1601 register_signal(sig_info, SIGTERM, "socket-undefined");
1602 return;
1603 }
1604 tcp_connection_established(&sock->info.lsa->actual);
1605 break;
1606
1607 default:
1608 ASSERT(0);
1609 }
1610}
1611
1612
1613static void
1614phase2_tcp_client(struct link_socket *sock, struct signal_info *sig_info)
1615{
1616 bool proxy_retry = false;
1617 do
1618 {
1619 socket_connect(&sock->sd, sock->info.lsa->current_remote->ai_addr,
1620 get_server_poll_remaining_time(sock->server_poll_timeout), sig_info);
1621
1622 if (sig_info->signal_received)
1623 {
1624 return;
1625 }
1626
1627 if (sock->http_proxy)
1628 {
1629 proxy_retry = establish_http_proxy_passthru(
1630 sock->http_proxy, sock->sd, sock->proxy_dest_host, sock->proxy_dest_port,
1631 sock->server_poll_timeout, &sock->stream_buf.residual, sig_info);
1632 }
1633 else if (sock->socks_proxy)
1634 {
1635 establish_socks_proxy_passthru(sock->socks_proxy, sock->sd, sock->proxy_dest_host,
1636 sock->proxy_dest_port, sock->server_poll_timeout,
1637 sig_info);
1638 }
1639 if (proxy_retry)
1640 {
1641 openvpn_close_socket(sock->sd);
1642 sock->sd = create_socket_tcp(sock->info.lsa->current_remote);
1643 }
1644
1645 } while (proxy_retry);
1646}
1647
1648static void
1649phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info)
1650{
1651 socket_connect(&sock->ctrl_sd, sock->info.lsa->current_remote->ai_addr,
1652 get_server_poll_remaining_time(sock->server_poll_timeout), sig_info);
1653
1654 if (sig_info->signal_received)
1655 {
1656 return;
1657 }
1658
1659 establish_socks_proxy_udpassoc(sock->socks_proxy, sock->ctrl_sd, &sock->socks_relay.dest,
1660 sock->server_poll_timeout, sig_info);
1661
1662 if (sig_info->signal_received)
1663 {
1664 return;
1665 }
1666
1667 sock->remote_host = sock->proxy_dest_host;
1668 sock->remote_port = sock->proxy_dest_port;
1669
1670 addr_zero_host(&sock->info.lsa->actual.dest);
1671 if (sock->info.lsa->remote_list)
1672 {
1673 freeaddrinfo(sock->info.lsa->remote_list);
1674 sock->info.lsa->current_remote = NULL;
1675 sock->info.lsa->remote_list = NULL;
1676 }
1677
1678 resolve_remote(sock, 1, NULL, sig_info);
1679}
1680
1681#if defined(_WIN32)
1682static void
1683create_socket_dco_win(struct context *c, struct link_socket *sock, struct signal_info *sig_info)
1684{
1685 /* in P2P mode we must have remote resolved at this point */
1686 struct addrinfo *remoteaddr = sock->info.lsa->current_remote;
1687 if ((c->options.mode == MODE_POINT_TO_POINT) && (!remoteaddr))
1688 {
1689 return;
1690 }
1691
1692 if (!c->c1.tuntap)
1693 {
1694 struct tuntap *tt;
1695 ALLOC_OBJ_CLEAR(tt, struct tuntap);
1696
1697 tt->backend_driver = DRIVER_DCO;
1698 tt->options.msg_channel = c->options.msg_channel;
1699
1700 const char *device_guid = NULL; /* not used */
1701 tun_open_device(tt, c->options.dev_node, &device_guid, &c->gc);
1702
1703 /* Ensure we can "safely" cast the handle to a socket */
1704 static_assert(sizeof(sock->sd) == sizeof(tt->hand), "HANDLE and SOCKET size differs");
1705
1706 c->c1.tuntap = tt;
1707 }
1708
1709 if (c->options.mode == MODE_SERVER)
1710 {
1711 dco_mp_start_vpn(c->c1.tuntap->hand, sock);
1712 }
1713 else
1714 {
1715 dco_p2p_new_peer(c->c1.tuntap->hand, &c->c1.tuntap->dco_new_peer_ov, sock, sig_info);
1716 }
1717 sock->sockflags |= SF_DCO_WIN;
1718
1719 if (sig_info->signal_received)
1720 {
1721 return;
1722 }
1723
1724 sock->sd = (SOCKET)c->c1.tuntap->hand;
1725 linksock_print_addr(sock);
1726}
1727#endif /* if defined(_WIN32) */
1728
1729/* finalize socket initialization */
1730void
1731link_socket_init_phase2(struct context *c, struct link_socket *sock)
1732{
1733 const struct frame *frame = &c->c2.frame;
1734 struct signal_info *sig_info = c->sig;
1735
1736 const char *remote_dynamic = NULL;
1737 struct signal_info sig_save = { 0 };
1738
1739 ASSERT(sock);
1740 ASSERT(sig_info);
1741
1742 if (sig_info->signal_received)
1743 {
1744 sig_save = *sig_info;
1745 sig_save.signal_received = signal_reset(sig_info, 0);
1746 }
1747
1748 /* initialize buffers */
1749 socket_frame_init(frame, sock);
1750
1751 /*
1752 * Pass a remote name to connect/accept so that
1753 * they can test for dynamic IP address changes
1754 * and throw a SIGUSR1 if appropriate.
1755 */
1756 if (sock->resolve_retry_seconds)
1757 {
1758 remote_dynamic = sock->remote_host;
1759 }
1760
1761 /* Second chance to resolv/create socket */
1762 resolve_remote(sock, 2, &remote_dynamic, sig_info);
1763
1764 /* If a valid remote has been found, create the socket with its addrinfo */
1765#if defined(_WIN32)
1766 if (dco_enabled(&c->options))
1767 {
1768 create_socket_dco_win(c, sock, sig_info);
1769 goto done;
1770 }
1771#endif
1772 if (sock->info.lsa->current_remote)
1773 {
1774 create_socket(sock, sock->info.lsa->current_remote);
1775 }
1776
1777 /* If socket has not already been created create it now */
1778 if (sock->sd == SOCKET_UNDEFINED)
1779 {
1780 /* If we have no --remote and have still not figured out the
1781 * protocol family to use we will use the first of the bind */
1782
1783 if (sock->bind_local && !sock->remote_host && sock->info.lsa->bind_local)
1784 {
1785 /* Warn if this is because neither v4 or v6 was specified
1786 * and we should not connect a remote */
1787 if (sock->info.af == AF_UNSPEC)
1788 {
1789 msg(M_WARN, "Could not determine IPv4/IPv6 protocol. Using %s",
1790 addr_family_name(sock->info.lsa->bind_local->ai_family));
1791 sock->info.af = sock->info.lsa->bind_local->ai_family;
1792 }
1793 create_socket(sock, sock->info.lsa->bind_local);
1794 }
1795 }
1796
1797 /* Socket still undefined, give a warning and abort connection */
1798 if (sock->sd == SOCKET_UNDEFINED)
1799 {
1800 msg(M_WARN, "Could not determine IPv4/IPv6 protocol");
1801 register_signal(sig_info, SIGUSR1, "Could not determine IPv4/IPv6 protocol");
1802 goto done;
1803 }
1804
1805 if (sig_info->signal_received)
1806 {
1807 goto done;
1808 }
1809
1810 if (sock->info.proto == PROTO_TCP_SERVER)
1811 {
1812 phase2_tcp_server(sock, remote_dynamic, sig_info);
1813 }
1814 else if (sock->info.proto == PROTO_TCP_CLIENT)
1815 {
1816 phase2_tcp_client(sock, sig_info);
1817 }
1818 else if (sock->info.proto == PROTO_UDP && sock->socks_proxy)
1819 {
1820 phase2_socks_client(sock, sig_info);
1821 }
1822#ifdef TARGET_ANDROID
1823 if (sock->sd != -1)
1824 {
1825 protect_fd_nonlocal(sock->sd, &sock->info.lsa->actual.dest.addr.sa);
1826 }
1827#endif
1828 if (sig_info->signal_received)
1829 {
1830 goto done;
1831 }
1832
1833 phase2_set_socket_flags(sock);
1834 linksock_print_addr(sock);
1835
1836done:
1837 if (sig_save.signal_received)
1838 {
1839 /* Always restore the saved signal -- register/throw_signal will handle priority */
1840 if (sig_save.source == SIG_SOURCE_HARD && sig_info == &siginfo_static)
1841 {
1842 throw_signal(sig_save.signal_received);
1843 }
1844 else
1845 {
1846 register_signal(sig_info, sig_save.signal_received, sig_save.signal_text);
1847 }
1848 }
1849}
1850
1851void
1852link_socket_close(struct link_socket *sock)
1853{
1854 if (sock)
1855 {
1856#ifdef ENABLE_DEBUG
1857 const int gremlin = GREMLIN_CONNECTION_FLOOD_LEVEL(sock->gremlin);
1858#else
1859 const int gremlin = 0;
1860#endif
1861
1862 if (socket_defined(sock->sd))
1863 {
1864#ifdef _WIN32
1865 close_net_event_win32(&sock->listen_handle, sock->sd, 0);
1866#endif
1867 if (!gremlin)
1868 {
1869 msg(D_LOW, "TCP/UDP: Closing socket");
1870 if (openvpn_close_socket(sock->sd))
1871 {
1872 msg(M_WARN | M_ERRNO, "TCP/UDP: Close Socket failed");
1873 }
1874 }
1875 sock->sd = SOCKET_UNDEFINED;
1876#ifdef _WIN32
1877 if (!gremlin)
1878 {
1879 overlapped_io_close(&sock->reads);
1880 overlapped_io_close(&sock->writes);
1881 }
1882#endif
1883 }
1884
1885 if (socket_defined(sock->ctrl_sd))
1886 {
1887 if (openvpn_close_socket(sock->ctrl_sd))
1888 {
1889 msg(M_WARN | M_ERRNO, "TCP/UDP: Close Socket (ctrl_sd) failed");
1890 }
1891 sock->ctrl_sd = SOCKET_UNDEFINED;
1892 }
1893
1894 stream_buf_close(&sock->stream_buf);
1895 free_buf(&sock->stream_buf_data);
1896 if (!gremlin)
1897 {
1898 free(sock);
1899 }
1900 }
1901}
1902
1903void
1904setenv_trusted(struct env_set *es, const struct link_socket_info *info)
1905{
1906 setenv_link_socket_actual(es, "trusted", &info->lsa->actual, SA_IP_PORT);
1907}
1908
1909static void
1910ipchange_fmt(const bool include_cmd, struct argv *argv, const struct link_socket_info *info,
1911 struct gc_arena *gc)
1912{
1913 const char *host = print_sockaddr_ex(&info->lsa->actual.dest.addr.sa, " ", PS_SHOW_PORT, gc);
1914 if (include_cmd)
1915 {
1916 argv_parse_cmd(argv, info->ipchange_command);
1917 argv_printf_cat(argv, "%s", host);
1918 }
1919 else
1920 {
1921 argv_printf(argv, "%s", host);
1922 }
1923}
1924
1925void
1926link_socket_connection_initiated(struct link_socket_info *info,
1927 const struct link_socket_actual *act, const char *common_name,
1928 struct env_set *es)
1929{
1930 struct gc_arena gc = gc_new();
1931
1932 info->lsa->actual = *act; /* Note: skip this line for --force-dest */
1933 setenv_trusted(es, info);
1934 info->connection_established = true;
1935
1936 /* Print connection initiated message, with common name if available */
1937 {
1938 struct buffer out = alloc_buf_gc(256, &gc);
1939 if (common_name)
1940 {
1941 buf_printf(&out, "[%s] ", common_name);
1942 }
1943 buf_printf(&out, "Peer Connection Initiated with %s",
1944 print_link_socket_actual(&info->lsa->actual, &gc));
1945 msg(M_INFO, "%s", BSTR(&out));
1946 }
1947
1948 /* set environmental vars */
1949 setenv_str(es, "common_name", common_name);
1950
1951 /* Process --ipchange plugin */
1952 if (plugin_defined(info->plugins, OPENVPN_PLUGIN_IPCHANGE))
1953 {
1954 struct argv argv = argv_new();
1955 ipchange_fmt(false, &argv, info, &gc);
1956 if (plugin_call(info->plugins, OPENVPN_PLUGIN_IPCHANGE, &argv, NULL, es)
1957 != OPENVPN_PLUGIN_FUNC_SUCCESS)
1958 {
1959 msg(M_WARN, "WARNING: ipchange plugin call failed");
1960 }
1961 argv_free(&argv);
1962 }
1963
1964 /* Process --ipchange option */
1965 if (info->ipchange_command)
1966 {
1967 struct argv argv = argv_new();
1968 setenv_str(es, "script_type", "ipchange");
1969 ipchange_fmt(true, &argv, info, &gc);
1970 openvpn_run_script(&argv, es, 0, "--ipchange");
1971 argv_free(&argv);
1972 }
1973
1974 gc_free(&gc);
1975}
1976
1977void
1978link_socket_bad_incoming_addr(struct buffer *buf, const struct link_socket_info *info,
1979 const struct link_socket_actual *from_addr)
1980{
1981 struct gc_arena gc = gc_new();
1982 struct addrinfo *ai;
1983
1984 switch (from_addr->dest.addr.sa.sa_family)
1985 {
1986 case AF_INET:
1987 case AF_INET6:
1988 msg(D_LINK_ERRORS,
1989 "TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)",
1990 print_link_socket_actual(from_addr, &gc), (int)from_addr->dest.addr.sa.sa_family,
1991 print_sockaddr_ex(info->lsa->remote_list->ai_addr, ":", PS_SHOW_PORT, &gc));
1992 /* print additional remote addresses */
1993 for (ai = info->lsa->remote_list->ai_next; ai; ai = ai->ai_next)
1994 {
1995 msg(D_LINK_ERRORS, "or from peer address: %s",
1996 print_sockaddr_ex(ai->ai_addr, ":", PS_SHOW_PORT, &gc));
1997 }
1998 break;
1999 }
2000 buf->len = 0;
2001 gc_free(&gc);
2002}
2003
2004void
2005link_socket_bad_outgoing_addr(void)
2006{
2007 dmsg(D_READ_WRITE, "TCP/UDP: No outgoing address to send packet");
2008}
2009
2010in_addr_t
2011link_socket_current_remote(const struct link_socket_info *info)
2012{
2013 const struct link_socket_addr *lsa = info->lsa;
2014
2015 /*
2016 * This logic supports "redirect-gateway" semantic, which
2017 * makes sense only for PF_INET routes over PF_INET endpoints
2018 *
2019 * Maybe in the future consider PF_INET6 endpoints also ...
2020 * by now just ignore it
2021 *
2022 * For --remote entries with multiple addresses this
2023 * only return the actual endpoint we have successfully connected to
2024 */
2025 if (lsa->actual.dest.addr.sa.sa_family != AF_INET)
2026 {
2027 return IPV4_INVALID_ADDR;
2028 }
2029
2030 if (link_socket_actual_defined(&lsa->actual))
2031 {
2032 return ntohl(lsa->actual.dest.addr.in4.sin_addr.s_addr);
2033 }
2034 else if (lsa->current_remote)
2035 {
2036 return ntohl(((struct sockaddr_in *)lsa->current_remote->ai_addr)->sin_addr.s_addr);
2037 }
2038 else
2039 {
2040 return 0;
2041 }
2042}
2043
2044const struct in6_addr *
2045link_socket_current_remote_ipv6(const struct link_socket_info *info)
2046{
2047 const struct link_socket_addr *lsa = info->lsa;
2048
2049 /* This logic supports "redirect-gateway" semantic,
2050 * for PF_INET6 routes over PF_INET6 endpoints
2051 *
2052 * For --remote entries with multiple addresses this
2053 * only return the actual endpoint we have successfully connected to
2054 */
2055 if (lsa->actual.dest.addr.sa.sa_family != AF_INET6)
2056 {
2057 return NULL;
2058 }
2059
2060 if (link_socket_actual_defined(&lsa->actual))
2061 {
2062 return &(lsa->actual.dest.addr.in6.sin6_addr);
2063 }
2064 else if (lsa->current_remote)
2065 {
2066 return &(((struct sockaddr_in6 *)lsa->current_remote->ai_addr)->sin6_addr);
2067 }
2068 else
2069 {
2070 return NULL;
2071 }
2072}
2073
2074/*
2075 * Return a status string describing socket state.
2076 */
2077const char *
2078socket_stat(const struct link_socket *s, unsigned int rwflags, struct gc_arena *gc)
2079{
2080 struct buffer out = alloc_buf_gc(64, gc);
2081 if (s)
2082 {
2083 if (rwflags & EVENT_READ)
2084 {
2085 buf_printf(&out, "S%s", (s->rwflags_debug & EVENT_READ) ? "R" : "r");
2086#ifdef _WIN32
2087 buf_printf(&out, "%s", overlapped_io_state_ascii(&s->reads));
2088#endif
2089 }
2090 if (rwflags & EVENT_WRITE)
2091 {
2092 buf_printf(&out, "S%s", (s->rwflags_debug & EVENT_WRITE) ? "W" : "w");
2093#ifdef _WIN32
2094 buf_printf(&out, "%s", overlapped_io_state_ascii(&s->writes));
2095#endif
2096 }
2097 }
2098 else
2099 {
2100 buf_printf(&out, "S?");
2101 }
2102 return BSTR(&out);
2103}
2104
2105/*
2106 * Stream buffer functions, used to packetize a TCP
2107 * stream connection.
2108 */
2109
2110static inline void
2111stream_buf_reset(struct stream_buf *sb)
2112{
2113 dmsg(D_STREAM_DEBUG, "STREAM: RESET");
2114 sb->residual_fully_formed = false;
2115 sb->buf = sb->buf_init;
2116 buf_reset(&sb->next);
2117 sb->len = -1;
2118}
2119
2120static void
2121stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags,
2122 const int proto)
2123{
2124 sb->buf_init = *buf;
2125 sb->maxlen = sb->buf_init.len;
2126 sb->buf_init.len = 0;
2127 sb->residual = alloc_buf(sb->maxlen);
2128 sb->error = false;
2129#if PORT_SHARE
2130 sb->port_share_state =
2131 ((sockflags & SF_PORT_SHARE) && (proto == PROTO_TCP_SERVER)) ? PS_ENABLED : PS_DISABLED;
2132#endif
2133 stream_buf_reset(sb);
2134
2135 dmsg(D_STREAM_DEBUG, "STREAM: INIT maxlen=%d", sb->maxlen);
2136}
2137
2138static inline void
2139stream_buf_set_next(struct stream_buf *sb)
2140{
2141 /* set up 'next' for next i/o read */
2142 sb->next = sb->buf;
2143 sb->next.offset = sb->buf.offset + sb->buf.len;
2144 sb->next.len = (sb->len >= 0 ? sb->len : sb->maxlen) - sb->buf.len;
2145 dmsg(D_STREAM_DEBUG, "STREAM: SET NEXT, buf=[%d,%d] next=[%d,%d] len=%d maxlen=%d",
2146 sb->buf.offset, sb->buf.len, sb->next.offset, sb->next.len, sb->len, sb->maxlen);
2147 ASSERT(sb->next.len > 0);
2148 ASSERT(buf_safe(&sb->buf, sb->next.len));
2149}
2150
2151static inline void
2152stream_buf_get_final(struct stream_buf *sb, struct buffer *buf)
2153{
2154 dmsg(D_STREAM_DEBUG, "STREAM: GET FINAL len=%d", buf_defined(&sb->buf) ? sb->buf.len : -1);
2155 ASSERT(buf_defined(&sb->buf));
2156 *buf = sb->buf;
2157}
2158
2159static inline void
2160stream_buf_get_next(struct stream_buf *sb, struct buffer *buf)
2161{
2162 dmsg(D_STREAM_DEBUG, "STREAM: GET NEXT len=%d", buf_defined(&sb->next) ? sb->next.len : -1);
2163 ASSERT(buf_defined(&sb->next));
2164 *buf = sb->next;
2165}
2166
2167bool
2168stream_buf_read_setup_dowork(struct link_socket *sock)
2169{
2170 if (sock->stream_buf.residual.len && !sock->stream_buf.residual_fully_formed)
2171 {
2172 ASSERT(buf_copy(&sock->stream_buf.buf, &sock->stream_buf.residual));
2173 ASSERT(buf_init(&sock->stream_buf.residual, 0));
2174 sock->stream_buf.residual_fully_formed = stream_buf_added(&sock->stream_buf, 0);
2175 dmsg(D_STREAM_DEBUG, "STREAM: RESIDUAL FULLY FORMED [%s], len=%d",
2176 sock->stream_buf.residual_fully_formed ? "YES" : "NO", sock->stream_buf.residual.len);
2177 }
2178
2179 if (!sock->stream_buf.residual_fully_formed)
2180 {
2181 stream_buf_set_next(&sock->stream_buf);
2182 }
2183 return !sock->stream_buf.residual_fully_formed;
2184}
2185
2186static bool
2187stream_buf_added(struct stream_buf *sb, int length_added)
2188{
2189 dmsg(D_STREAM_DEBUG, "STREAM: ADD length_added=%d", length_added);
2190 if (length_added > 0)
2191 {
2192 sb->buf.len += length_added;
2193 }
2194
2195 /* if length unknown, see if we can get the length prefix from
2196 * the head of the buffer */
2197 if (sb->len < 0 && sb->buf.len >= (int)sizeof(packet_size_type))
2198 {
2199 packet_size_type net_size;
2200
2201#if PORT_SHARE
2202 if (sb->port_share_state == PS_ENABLED)
2203 {
2204 if (!is_openvpn_protocol(&sb->buf))
2205 {
2206 msg(D_STREAM_ERRORS, "Non-OpenVPN client protocol detected");
2207 sb->port_share_state = PS_FOREIGN;
2208 sb->error = true;
2209 return false;
2210 }
2211 else
2212 {
2213 sb->port_share_state = PS_DISABLED;
2214 }
2215 }
2216#endif
2217
2218 ASSERT(buf_read(&sb->buf, &net_size, sizeof(net_size)));
2219 sb->len = ntohps(net_size);
2220
2221 if (sb->len < 1 || sb->len > sb->maxlen)
2222 {
2223 msg(M_WARN,
2224 "WARNING: Bad encapsulated packet length from peer (%d), which must be > 0 and <= %d -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]",
2225 sb->len, sb->maxlen);
2226 stream_buf_reset(sb);
2227 sb->error = true;
2228 return false;
2229 }
2230 }
2231
2232 /* is our incoming packet fully read? */
2233 if (sb->len > 0 && sb->buf.len >= sb->len)
2234 {
2235 /* save any residual data that's part of the next packet */
2236 ASSERT(buf_init(&sb->residual, 0));
2237 if (sb->buf.len > sb->len)
2238 {
2239 ASSERT(buf_copy_excess(&sb->residual, &sb->buf, sb->len));
2240 }
2241 dmsg(D_STREAM_DEBUG, "STREAM: ADD returned TRUE, buf_len=%d, residual_len=%d",
2242 BLEN(&sb->buf), BLEN(&sb->residual));
2243 return true;
2244 }
2245 else
2246 {
2247 dmsg(D_STREAM_DEBUG, "STREAM: ADD returned FALSE (have=%d need=%d)", sb->buf.len, sb->len);
2248 stream_buf_set_next(sb);
2249 return false;
2250 }
2251}
2252
2253static void
2254stream_buf_close(struct stream_buf *sb)
2255{
2256 free_buf(&sb->residual);
2257}
2258
2259/*
2260 * The listen event is a special event whose sole purpose is
2261 * to tell us that there's a new incoming connection on a
2262 * TCP socket, for use in server mode.
2263 */
2264event_t
2265socket_listen_event_handle(struct link_socket *s)
2266{
2267#ifdef _WIN32
2268 if (!defined_net_event_win32(&s->listen_handle))
2269 {
2270 init_net_event_win32(&s->listen_handle, FD_ACCEPT, s->sd, 0);
2271 }
2272 return &s->listen_handle;
2273#else /* ifdef _WIN32 */
2274 return s->sd;
2275#endif
2276}
2277
2278
2279/*
2280 * Bad incoming address lengths that differ from what
2281 * we expect are considered to be fatal errors.
2282 */
2283void
2284bad_address_length(int actual, int expected)
2285{
2286 msg(M_FATAL,
2287 "ERROR: received strange incoming packet with an address length of %d -- we only accept address lengths of %d.",
2288 actual, expected);
2289}
2290
2291/*
2292 * Socket Read Routines
2293 */
2294
2295int
2296link_socket_read_tcp(struct link_socket *sock, struct buffer *buf)
2297{
2298 int len = 0;
2299
2300 if (!sock->stream_buf.residual_fully_formed)
2301 {
2302 /* with Linux-DCO, we sometimes try to access a socket that is
2303 * already installed in the kernel and has no valid file descriptor
2304 * anymore. This is a bug.
2305 * Handle by resetting client instance instead of crashing.
2306 */
2307 if (sock->sd == SOCKET_UNDEFINED)
2308 {
2309 msg(M_INFO, "BUG: link_socket_read_tcp(): sock->sd==-1, reset client instance");
2310 sock->stream_reset = true; /* reset client instance */
2311 return buf->len = 0; /* nothing to read */
2312 }
2313
2314#ifdef _WIN32
2315 sockethandle_t sh = { .s = sock->sd };
2316 len = sockethandle_finalize(sh, &sock->reads, buf, NULL);
2317#else
2318 struct buffer frag;
2319 stream_buf_get_next(&sock->stream_buf, &frag);
2320 len = recv(sock->sd, BPTR(&frag), BLEN(&frag), MSG_NOSIGNAL);
2321#endif
2322
2323 if (!len)
2324 {
2325 sock->stream_reset = true;
2326 }
2327 if (len <= 0)
2328 {
2329 return buf->len = len;
2330 }
2331 }
2332
2333 if (sock->stream_buf.residual_fully_formed
2334 || stream_buf_added(&sock->stream_buf, len)) /* packet complete? */
2335 {
2336 stream_buf_get_final(&sock->stream_buf, buf);
2337 stream_buf_reset(&sock->stream_buf);
2338 return buf->len;
2339 }
2340 else
2341 {
2342 return buf->len = 0; /* no error, but packet is still incomplete */
2343 }
2344}
2345
2346#ifndef _WIN32
2347
2348#if ENABLE_IP_PKTINFO
2349
2350/* make the buffer large enough to handle ancillary socket data for
2351 * both IPv4 and IPv6 destination addresses, plus padding (see RFC 2292)
2352 */
2353#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2354#define PKTINFO_BUF_SIZE \
2355 max_int(CMSG_SPACE(sizeof(struct in6_pktinfo)), CMSG_SPACE(sizeof(struct in_pktinfo)))
2356#else
2357#define PKTINFO_BUF_SIZE \
2358 max_int(CMSG_SPACE(sizeof(struct in6_pktinfo)), CMSG_SPACE(sizeof(struct in_addr)))
2359#endif
2360
2361static socklen_t
2362link_socket_read_udp_posix_recvmsg(struct link_socket *sock, struct buffer *buf,
2363 struct link_socket_actual *from)
2364{
2365 struct iovec iov;
2366 uint8_t pktinfo_buf[PKTINFO_BUF_SIZE];
2367 struct msghdr mesg = { 0 };
2368 socklen_t fromlen = sizeof(from->dest.addr);
2369
2370 ASSERT(sock->sd >= 0); /* can't happen */
2371
2372 iov.iov_base = BPTR(buf);
2373 iov.iov_len = buf_forward_capacity_total(buf);
2374 mesg.msg_iov = &iov;
2375 mesg.msg_iovlen = 1;
2376 mesg.msg_name = &from->dest.addr;
2377 mesg.msg_namelen = fromlen;
2378 mesg.msg_control = pktinfo_buf;
2379 mesg.msg_controllen = sizeof pktinfo_buf;
2380 buf->len = recvmsg(sock->sd, &mesg, 0);
2381 if (buf->len >= 0)
2382 {
2383 struct cmsghdr *cmsg;
2384 fromlen = mesg.msg_namelen;
2385 cmsg = CMSG_FIRSTHDR(&mesg);
2386 if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL
2387#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2388 && cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_PKTINFO
2389 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_pktinfo)))
2390#elif defined(IP_RECVDSTADDR)
2391 && cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_RECVDSTADDR
2392 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_addr)))
2393#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2394#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2395#endif
2396 {
2397#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2398 struct in_pktinfo *pkti = (struct in_pktinfo *)CMSG_DATA(cmsg);
2399 from->pi.in4.ipi_ifindex =
2400 (sock->sockflags & SF_PKTINFO_COPY_IIF) ? pkti->ipi_ifindex : 0;
2401 from->pi.in4.ipi_spec_dst = pkti->ipi_spec_dst;
2402#elif defined(IP_RECVDSTADDR)
2403 from->pi.in4 = *(struct in_addr *)CMSG_DATA(cmsg);
2404#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2405#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2406#endif
2407 }
2408 else if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL
2409 && cmsg->cmsg_level == IPPROTO_IPV6 && cmsg->cmsg_type == IPV6_PKTINFO
2410 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in6_pktinfo)))
2411 {
2412 struct in6_pktinfo *pkti6 = (struct in6_pktinfo *)CMSG_DATA(cmsg);
2413 from->pi.in6.ipi6_ifindex =
2414 (sock->sockflags & SF_PKTINFO_COPY_IIF) ? pkti6->ipi6_ifindex : 0;
2415 from->pi.in6.ipi6_addr = pkti6->ipi6_addr;
2416 }
2417 else if (cmsg != NULL)
2418 {
2419 msg(M_WARN,
2420 "CMSG received that cannot be parsed (cmsg_level=%d, cmsg_type=%d, cmsg=len=%d)",
2421 (int)cmsg->cmsg_level, (int)cmsg->cmsg_type, (int)cmsg->cmsg_len);
2422 }
2423 }
2424
2425 return fromlen;
2426}
2427#endif /* if ENABLE_IP_PKTINFO */
2428
2429int
2430link_socket_read_udp_posix(struct link_socket *sock, struct buffer *buf,
2431 struct link_socket_actual *from)
2432{
2433 socklen_t fromlen = sizeof(from->dest.addr);
2434 socklen_t expectedlen = af_addr_size(sock->info.af);
2435 addr_zero_host(&from->dest);
2436
2437 ASSERT(sock->sd >= 0); /* can't happen */
2438
2439#if ENABLE_IP_PKTINFO
2440 /* Both PROTO_UDPv4 and PROTO_UDPv6 */
2441 if (sock->info.proto == PROTO_UDP && sock->sockflags & SF_USE_IP_PKTINFO)
2442 {
2443 fromlen = link_socket_read_udp_posix_recvmsg(sock, buf, from);
2444 }
2445 else
2446#endif
2447 {
2448 buf->len = recvfrom(sock->sd, BPTR(buf), buf_forward_capacity(buf), 0, &from->dest.addr.sa,
2449 &fromlen);
2450 }
2451 /* FIXME: won't do anything when sock->info.af == AF_UNSPEC */
2452 if (buf->len >= 0 && expectedlen && fromlen != expectedlen)
2453 {
2454 bad_address_length(fromlen, expectedlen);
2455 }
2456 return buf->len;
2457}
2458
2459#endif /* ifndef _WIN32 */
2460
2461/*
2462 * Socket Write Routines
2463 */
2464
2465ssize_t
2466link_socket_write_tcp(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
2467{
2468 packet_size_type len = BLEN(buf);
2469 dmsg(D_STREAM_DEBUG, "STREAM: WRITE %d offset=%d", (int)len, buf->offset);
2470 ASSERT(len <= sock->stream_buf.maxlen);
2471 len = htonps(len);
2472 ASSERT(buf_write_prepend(buf, &len, sizeof(len)));
2473#ifdef _WIN32
2474 return link_socket_write_win32(sock, buf, to);
2475#else
2476 return link_socket_write_tcp_posix(sock, buf);
2477#endif
2478}
2479
2480#if defined(__GNUC__) || defined(__clang__)
2481#pragma GCC diagnostic pop
2482#endif
2483
2484#if ENABLE_IP_PKTINFO
2485
2486ssize_t
2487link_socket_write_udp_posix_sendmsg(struct link_socket *sock, struct buffer *buf,
2488 struct link_socket_actual *to)
2489{
2490 struct iovec iov;
2491 struct msghdr mesg;
2492 struct cmsghdr *cmsg;
2493 uint8_t pktinfo_buf[PKTINFO_BUF_SIZE];
2494
2495 iov.iov_base = BPTR(buf);
2496 iov.iov_len = BLEN(buf);
2497 mesg.msg_iov = &iov;
2498 mesg.msg_iovlen = 1;
2499 switch (to->dest.addr.sa.sa_family)
2500 {
2501 case AF_INET:
2502 {
2503 mesg.msg_name = &to->dest.addr.sa;
2504 mesg.msg_namelen = sizeof(struct sockaddr_in);
2505 mesg.msg_control = pktinfo_buf;
2506 mesg.msg_flags = 0;
2507#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2508 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in_pktinfo));
2509 cmsg = CMSG_FIRSTHDR(&mesg);
2510 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
2511 cmsg->cmsg_level = SOL_IP;
2512 cmsg->cmsg_type = IP_PKTINFO;
2513 {
2514 struct in_pktinfo *pkti;
2515 pkti = (struct in_pktinfo *)CMSG_DATA(cmsg);
2516 pkti->ipi_ifindex = to->pi.in4.ipi_ifindex;
2517 pkti->ipi_spec_dst = to->pi.in4.ipi_spec_dst;
2518 pkti->ipi_addr.s_addr = 0;
2519 }
2520#elif defined(IP_RECVDSTADDR)
2521 ASSERT(CMSG_SPACE(sizeof(struct in_addr)) <= sizeof(pktinfo_buf));
2522 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in_addr));
2523 cmsg = CMSG_FIRSTHDR(&mesg);
2524 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_addr));
2525 cmsg->cmsg_level = IPPROTO_IP;
2526 cmsg->cmsg_type = IP_RECVDSTADDR;
2527 *(struct in_addr *)CMSG_DATA(cmsg) = to->pi.in4;
2528#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2529#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2530#endif /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2531 break;
2532 }
2533
2534 case AF_INET6:
2535 {
2536 struct in6_pktinfo *pkti6;
2537 mesg.msg_name = &to->dest.addr.sa;
2538 mesg.msg_namelen = sizeof(struct sockaddr_in6);
2539
2540 ASSERT(CMSG_SPACE(sizeof(struct in6_pktinfo)) <= sizeof(pktinfo_buf));
2541 mesg.msg_control = pktinfo_buf;
2542 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in6_pktinfo));
2543 mesg.msg_flags = 0;
2544 cmsg = CMSG_FIRSTHDR(&mesg);
2545 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
2546 cmsg->cmsg_level = IPPROTO_IPV6;
2547 cmsg->cmsg_type = IPV6_PKTINFO;
2548
2549 pkti6 = (struct in6_pktinfo *)CMSG_DATA(cmsg);
2550 pkti6->ipi6_ifindex = to->pi.in6.ipi6_ifindex;
2551 pkti6->ipi6_addr = to->pi.in6.ipi6_addr;
2552 break;
2553 }
2554
2555 default:
2556 ASSERT(0);
2557 }
2558 return sendmsg(sock->sd, &mesg, 0);
2559}
2560
2561#endif /* if ENABLE_IP_PKTINFO */
2562
2563/*
2564 * Win32 overlapped socket I/O functions.
2565 */
2566
2567#ifdef _WIN32
2568
2569static int
2570socket_get_last_error(const struct link_socket *sock)
2571{
2572 if (socket_is_dco_win(sock))
2573 {
2574 return GetLastError();
2575 }
2576
2577 return WSAGetLastError();
2578}
2579
2580int
2581socket_recv_queue(struct link_socket *sock, int maxsize)
2582{
2583 if (sock->reads.iostate == IOSTATE_INITIAL)
2584 {
2585 WSABUF wsabuf[1];
2586 int status;
2587
2588 /* reset buf to its initial state */
2589 if (proto_is_udp(sock->info.proto))
2590 {
2591 sock->reads.buf = sock->reads.buf_init;
2592 }
2593 else if (proto_is_tcp(sock->info.proto))
2594 {
2595 stream_buf_get_next(&sock->stream_buf, &sock->reads.buf);
2596 }
2597 else
2598 {
2599 ASSERT(0);
2600 }
2601
2602 /* Win32 docs say it's okay to allocate the wsabuf on the stack */
2603 wsabuf[0].buf = BSTR(&sock->reads.buf);
2604 wsabuf[0].len = maxsize ? maxsize : BLEN(&sock->reads.buf);
2605
2606 /* check for buffer overflow */
2607 ASSERT(wsabuf[0].len <= BLEN(&sock->reads.buf));
2608
2609 /* the overlapped read will signal this event on I/O completion */
2610 ASSERT(ResetEvent(sock->reads.overlapped.hEvent));
2611 sock->reads.flags = 0;
2612
2613 if (socket_is_dco_win(sock))
2614 {
2615 status = ReadFile((HANDLE)sock->sd, wsabuf[0].buf, wsabuf[0].len, &sock->reads.size,
2616 &sock->reads.overlapped);
2617 /* Readfile status is inverted from WSARecv */
2618 status = !status;
2619 }
2620 else if (proto_is_udp(sock->info.proto))
2621 {
2622 sock->reads.addr_defined = true;
2623 sock->reads.addrlen = sizeof(sock->reads.addr6);
2624 status = WSARecvFrom(sock->sd, wsabuf, 1, &sock->reads.size, &sock->reads.flags,
2625 (struct sockaddr *)&sock->reads.addr, &sock->reads.addrlen,
2626 &sock->reads.overlapped, NULL);
2627 }
2628 else if (proto_is_tcp(sock->info.proto))
2629 {
2630 sock->reads.addr_defined = false;
2631 status = WSARecv(sock->sd, wsabuf, 1, &sock->reads.size, &sock->reads.flags,
2632 &sock->reads.overlapped, NULL);
2633 }
2634 else
2635 {
2636 status = 0;
2637 ASSERT(0);
2638 }
2639
2640 if (!status) /* operation completed immediately? */
2641 {
2642 /* FIXME: won't do anything when sock->info.af == AF_UNSPEC */
2643 int af_len = af_addr_size(sock->info.af);
2644 if (sock->reads.addr_defined && af_len && sock->reads.addrlen != af_len)
2645 {
2646 bad_address_length(sock->reads.addrlen, af_len);
2647 }
2648 sock->reads.iostate = IOSTATE_IMMEDIATE_RETURN;
2649
2650 /* since we got an immediate return, we must signal the event object ourselves */
2651 ASSERT(SetEvent(sock->reads.overlapped.hEvent));
2652 sock->reads.status = 0;
2653
2654 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive immediate return [%d,%d]",
2655 (int)wsabuf[0].len, (int)sock->reads.size);
2656 }
2657 else
2658 {
2659 status = socket_get_last_error(sock);
2660 if (status == WSA_IO_PENDING) /* operation queued? */
2661 {
2662 sock->reads.iostate = IOSTATE_QUEUED;
2663 sock->reads.status = status;
2664 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive queued [%d]", (int)wsabuf[0].len);
2665 }
2666 else /* error occurred */
2667 {
2668 struct gc_arena gc = gc_new();
2669 ASSERT(SetEvent(sock->reads.overlapped.hEvent));
2670 sock->reads.iostate = IOSTATE_IMMEDIATE_RETURN;
2671 sock->reads.status = status;
2672 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive error [%d]: %s", (int)wsabuf[0].len,
2673 strerror_win32(status, &gc));
2674 gc_free(&gc);
2675 }
2676 }
2677 }
2678 return sock->reads.iostate;
2679}
2680
2681int
2682socket_send_queue(struct link_socket *sock, struct buffer *buf, const struct link_socket_actual *to)
2683{
2684 if (sock->writes.iostate == IOSTATE_INITIAL)
2685 {
2686 WSABUF wsabuf[1];
2687 int status;
2688
2689 /* make a private copy of buf */
2690 sock->writes.buf = sock->writes.buf_init;
2691 sock->writes.buf.len = 0;
2692 ASSERT(buf_copy(&sock->writes.buf, buf));
2693
2694 /* Win32 docs say it's okay to allocate the wsabuf on the stack */
2695 wsabuf[0].buf = BSTR(&sock->writes.buf);
2696 wsabuf[0].len = BLEN(&sock->writes.buf);
2697
2698 /* the overlapped write will signal this event on I/O completion */
2699 ASSERT(ResetEvent(sock->writes.overlapped.hEvent));
2700 sock->writes.flags = 0;
2701
2702 if (socket_is_dco_win(sock))
2703 {
2704 status = WriteFile((HANDLE)sock->sd, wsabuf[0].buf, wsabuf[0].len, &sock->writes.size,
2705 &sock->writes.overlapped);
2706
2707 /* WriteFile status is inverted from WSASendTo */
2708 status = !status;
2709 }
2710 else if (proto_is_udp(sock->info.proto))
2711 {
2712 /* set destination address for UDP writes */
2713 sock->writes.addr_defined = true;
2714 if (to->dest.addr.sa.sa_family == AF_INET6)
2715 {
2716 sock->writes.addr6 = to->dest.addr.in6;
2717 sock->writes.addrlen = sizeof(sock->writes.addr6);
2718 }
2719 else
2720 {
2721 sock->writes.addr = to->dest.addr.in4;
2722 sock->writes.addrlen = sizeof(sock->writes.addr);
2723 }
2724
2725 status = WSASendTo(sock->sd, wsabuf, 1, &sock->writes.size, sock->writes.flags,
2726 (struct sockaddr *)&sock->writes.addr, sock->writes.addrlen,
2727 &sock->writes.overlapped, NULL);
2728 }
2729 else if (proto_is_tcp(sock->info.proto))
2730 {
2731 /* destination address for TCP writes was established on connection initiation */
2732 sock->writes.addr_defined = false;
2733
2734 status = WSASend(sock->sd, wsabuf, 1, &sock->writes.size, sock->writes.flags,
2735 &sock->writes.overlapped, NULL);
2736 }
2737 else
2738 {
2739 status = 0;
2740 ASSERT(0);
2741 }
2742
2743 if (!status) /* operation completed immediately? */
2744 {
2745 sock->writes.iostate = IOSTATE_IMMEDIATE_RETURN;
2746
2747 /* since we got an immediate return, we must signal the event object ourselves */
2748 ASSERT(SetEvent(sock->writes.overlapped.hEvent));
2749
2750 sock->writes.status = 0;
2751
2752 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send immediate return [%d,%d]", (int)wsabuf[0].len,
2753 (int)sock->writes.size);
2754 }
2755 else
2756 {
2757 status = socket_get_last_error(sock);
2758 /* both status code have the identical value */
2759 if (status == WSA_IO_PENDING || status == ERROR_IO_PENDING) /* operation queued? */
2760 {
2761 sock->writes.iostate = IOSTATE_QUEUED;
2762 sock->writes.status = status;
2763 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send queued [%d]", (int)wsabuf[0].len);
2764 }
2765 else /* error occurred */
2766 {
2767 struct gc_arena gc = gc_new();
2768 ASSERT(SetEvent(sock->writes.overlapped.hEvent));
2769 sock->writes.iostate = IOSTATE_IMMEDIATE_RETURN;
2770 sock->writes.status = status;
2771
2772 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send error [%d]: %s", (int)wsabuf[0].len,
2773 strerror_win32(status, &gc));
2774
2775 gc_free(&gc);
2776 }
2777 }
2778 }
2779 return sock->writes.iostate;
2780}
2781
2782void
2783read_sockaddr_from_overlapped(struct overlapped_io *io, struct sockaddr *dst, int overlapped_ret)
2784{
2785 if (overlapped_ret >= 0 && io->addr_defined)
2786 {
2787 /* TODO(jjo): streamline this mess */
2788 /* in this func we don't have relevant info about the PF_ of this
2789 * endpoint, as link_socket_actual will be zero for the 1st received packet
2790 *
2791 * Test for inets PF_ possible sizes
2792 */
2793 switch (io->addrlen)
2794 {
2795 case sizeof(struct sockaddr_in):
2796 case sizeof(struct sockaddr_in6):
2797 /* TODO(jjo): for some reason (?) I'm getting 24,28 for AF_INET6
2798 * under _WIN32*/
2799 case sizeof(struct sockaddr_in6) - 4:
2800 break;
2801
2802 default:
2803 bad_address_length(io->addrlen, af_addr_size(io->addr.sin_family));
2804 }
2805
2806 switch (io->addr.sin_family)
2807 {
2808 case AF_INET:
2809 memcpy(dst, &io->addr, sizeof(struct sockaddr_in));
2810 break;
2811
2812 case AF_INET6:
2813 memcpy(dst, &io->addr6, sizeof(struct sockaddr_in6));
2814 break;
2815 }
2816 }
2817 else
2818 {
2819 CLEAR(*dst);
2820 }
2821}
2822
2832static int
2833read_sockaddr_from_packet(struct buffer *buf, struct sockaddr *dst)
2834{
2835 int sa_len = 0;
2836
2837 const struct sockaddr *sa = (const struct sockaddr *)BPTR(buf);
2838 switch (sa->sa_family)
2839 {
2840 case AF_INET:
2841 sa_len = sizeof(struct sockaddr_in);
2842 if (buf_len(buf) < sa_len)
2843 {
2844 msg(M_FATAL,
2845 "ERROR: received incoming packet with too short length of %d -- must be at least %d.",
2846 buf_len(buf), sa_len);
2847 }
2848 memcpy(dst, sa, sa_len);
2849 buf_advance(buf, sa_len);
2850 break;
2851
2852 case AF_INET6:
2853 sa_len = sizeof(struct sockaddr_in6);
2854 if (buf_len(buf) < sa_len)
2855 {
2856 msg(M_FATAL,
2857 "ERROR: received incoming packet with too short length of %d -- must be at least %d.",
2858 buf_len(buf), sa_len);
2859 }
2860 memcpy(dst, sa, sa_len);
2861 buf_advance(buf, sa_len);
2862 break;
2863
2864 default:
2865 msg(M_FATAL, "ERROR: received incoming packet with invalid address family %d.",
2866 sa->sa_family);
2867 }
2868
2869 return sa_len;
2870}
2871
2872/* Returns the number of bytes successfully read */
2873int
2874sockethandle_finalize(sockethandle_t sh, struct overlapped_io *io, struct buffer *buf,
2875 struct link_socket_actual *from)
2876{
2877 int ret = -1;
2878 BOOL status;
2879
2880 switch (io->iostate)
2881 {
2882 case IOSTATE_QUEUED:
2883 status = SocketHandleGetOverlappedResult(sh, io);
2884 if (status)
2885 {
2886 /* successful return for a queued operation */
2887 if (buf)
2888 {
2889 *buf = io->buf;
2890 }
2891 ret = io->size;
2892 io->iostate = IOSTATE_INITIAL;
2893 ASSERT(ResetEvent(io->overlapped.hEvent));
2894
2895 dmsg(D_WIN32_IO, "WIN32 I/O: Completion success [%d]", ret);
2896 }
2897 else
2898 {
2899 /* error during a queued operation */
2900 ret = -1;
2901 if (SocketHandleGetLastError(sh) != ERROR_IO_INCOMPLETE)
2902 {
2903 /* if no error (i.e. just not finished yet), then DON'T execute this code */
2904 io->iostate = IOSTATE_INITIAL;
2905 ASSERT(ResetEvent(io->overlapped.hEvent));
2906 msg(D_WIN32_IO | M_ERRNO, "WIN32 I/O: Completion error");
2907 }
2908 }
2909 break;
2910
2911 case IOSTATE_IMMEDIATE_RETURN:
2912 io->iostate = IOSTATE_INITIAL;
2913 ASSERT(ResetEvent(io->overlapped.hEvent));
2914 if (io->status)
2915 {
2916 /* error return for a non-queued operation */
2917 SocketHandleSetLastError(sh, io->status);
2918 ret = -1;
2919 msg(D_WIN32_IO | M_ERRNO, "WIN32 I/O: Completion non-queued error");
2920 }
2921 else
2922 {
2923 /* successful return for a non-queued operation */
2924 if (buf)
2925 {
2926 *buf = io->buf;
2927 }
2928 ret = io->size;
2929 dmsg(D_WIN32_IO, "WIN32 I/O: Completion non-queued success [%d]", ret);
2930 }
2931 break;
2932
2933 case IOSTATE_INITIAL: /* were we called without proper queueing? */
2934 SocketHandleSetInvalError(sh);
2935 ret = -1;
2936 dmsg(D_WIN32_IO, "WIN32 I/O: Completion BAD STATE");
2937 break;
2938
2939 default:
2940 ASSERT(0);
2941 }
2942
2943 if (from && ret > 0 && sh.is_handle && sh.prepend_sa)
2944 {
2945 ret -= read_sockaddr_from_packet(buf, &from->dest.addr.sa);
2946 }
2947
2948 if (!sh.is_handle && from)
2949 {
2950 read_sockaddr_from_overlapped(io, &from->dest.addr.sa, ret);
2951 }
2952
2953 if (buf)
2954 {
2955 buf->len = ret;
2956 }
2957 return ret;
2958}
2959
2960#endif /* _WIN32 */
2961
2962/*
2963 * Socket event notification
2964 */
2965
2966unsigned int
2967socket_set(struct link_socket *s, struct event_set *es, unsigned int rwflags, void *arg,
2968 unsigned int *persistent)
2969{
2970 if (s)
2971 {
2972 if ((rwflags & EVENT_READ) && !stream_buf_read_setup(s))
2973 {
2974 ASSERT(!persistent);
2975 rwflags &= ~EVENT_READ;
2976 }
2977
2978#ifdef _WIN32
2979 if (rwflags & EVENT_READ)
2980 {
2981 socket_recv_queue(s, 0);
2982 }
2983#endif
2984
2985 /* if persistent is defined, call event_ctl only if rwflags has changed since last call */
2986 if (!persistent || *persistent != rwflags)
2987 {
2988 event_ctl(es, socket_event_handle(s), rwflags, arg);
2989 if (persistent)
2990 {
2991 *persistent = rwflags;
2992 }
2993 }
2994
2995 s->rwflags_debug = rwflags;
2996 }
2997 return rwflags;
2998}
2999
3000void
3001sd_close(socket_descriptor_t *sd)
3002{
3003 if (sd && socket_defined(*sd))
3004 {
3005 openvpn_close_socket(*sd);
3006 *sd = SOCKET_UNDEFINED;
3007 }
3008}
3009
3010#if UNIX_SOCK_SUPPORT
3011
3012/*
3013 * code for unix domain sockets
3014 */
3015
3016const char *
3017sockaddr_unix_name(const struct sockaddr_un *local, const char *null)
3018{
3019 if (local && local->sun_family == PF_UNIX)
3020 {
3021 return local->sun_path;
3022 }
3023 else
3024 {
3025 return null;
3026 }
3027}
3028
3029socket_descriptor_t
3030create_socket_unix(void)
3031{
3032 socket_descriptor_t sd;
3033
3034 if ((sd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
3035 {
3036 msg(M_ERR, "Cannot create unix domain socket");
3037 }
3038
3039 /* set socket file descriptor to not pass across execs, so that
3040 * scripts don't have access to it */
3041 set_cloexec(sd);
3042
3043 return sd;
3044}
3045
3046void
3047socket_bind_unix(socket_descriptor_t sd, struct sockaddr_un *local, const char *prefix)
3048{
3049 struct gc_arena gc = gc_new();
3050 const mode_t orig_umask = umask(0);
3051
3052 if (bind(sd, (struct sockaddr *)local, sizeof(struct sockaddr_un)))
3053 {
3054 msg(M_FATAL | M_ERRNO, "%s: Socket bind[%d] failed on unix domain socket %s", prefix,
3055 (int)sd, sockaddr_unix_name(local, "NULL"));
3056 }
3057
3058 umask(orig_umask);
3059 gc_free(&gc);
3060}
3061
3062socket_descriptor_t
3063socket_accept_unix(socket_descriptor_t sd, struct sockaddr_un *remote)
3064{
3065 socklen_t remote_len = sizeof(struct sockaddr_un);
3066 socket_descriptor_t ret;
3067
3068 CLEAR(*remote);
3069 ret = accept(sd, (struct sockaddr *)remote, &remote_len);
3070 if (ret >= 0)
3071 {
3072 /* set socket file descriptor to not pass across execs, so that
3073 * scripts don't have access to it */
3074 set_cloexec(ret);
3075 }
3076 return ret;
3077}
3078
3079int
3080socket_connect_unix(socket_descriptor_t sd, struct sockaddr_un *remote)
3081{
3082 int status = connect(sd, (struct sockaddr *)remote, sizeof(struct sockaddr_un));
3083 if (status)
3084 {
3085 status = openvpn_errno();
3086 }
3087 return status;
3088}
3089
3090void
3091sockaddr_unix_init(struct sockaddr_un *local, const char *path)
3092{
3093 local->sun_family = PF_UNIX;
3094 strncpynt(local->sun_path, path, sizeof(local->sun_path));
3095}
3096
3097void
3098socket_delete_unix(const struct sockaddr_un *local)
3099{
3100 const char *name = sockaddr_unix_name(local, NULL);
3101 if (name && strlen(name))
3102 {
3103 unlink(name);
3104 }
3105}
3106
3107bool
3108unix_socket_get_peer_uid_gid(const socket_descriptor_t sd, uid_t *uid, gid_t *gid)
3109{
3110#ifdef HAVE_GETPEEREID
3111 uid_t u;
3112 gid_t g;
3113 if (getpeereid(sd, &u, &g) == -1)
3114 {
3115 return false;
3116 }
3117 if (uid)
3118 {
3119 *uid = u;
3120 }
3121 if (gid)
3122 {
3123 *gid = g;
3124 }
3125 return true;
3126#elif defined(SO_PEERCRED)
3127 struct ucred peercred;
3128 socklen_t so_len = sizeof(peercred);
3129 if (getsockopt(sd, SOL_SOCKET, SO_PEERCRED, &peercred, &so_len) == -1)
3130 {
3131 return false;
3132 }
3133 if (uid)
3134 {
3135 *uid = peercred.uid;
3136 }
3137 if (gid)
3138 {
3139 *gid = peercred.gid;
3140 }
3141 return true;
3142#else /* ifdef HAVE_GETPEEREID */
3143 return false;
3144#endif /* ifdef HAVE_GETPEEREID */
3145}
3146
3147#endif /* if UNIX_SOCK_SUPPORT */
argv_parse_cmd
void argv_parse_cmd(struct argv *argres, const char *cmdstr)
Parses a command string, tokenizes it and puts each element into a separate struct argv argument slot...
Definition argv.c:481
argv_free
void argv_free(struct argv *a)
Frees all memory allocations allocated by the struct argv related functions.
Definition argv.c:101
argv_printf
bool argv_printf(struct argv *argres, const char *format,...)
printf() variant which populates a struct argv.
Definition argv.c:438
argv_printf_cat
bool argv_printf_cat(struct argv *argres, const char *format,...)
printf() inspired argv concatenation.
Definition argv.c:462
argv_new
struct argv argv_new(void)
Allocates a new struct argv and ensures it is initialised.
Definition argv.c:87
free_buf
void free_buf(struct buffer *buf)
Definition buffer.c:184
buf_printf
bool buf_printf(struct buffer *buf, const char *format,...)
Definition buffer.c:241
alloc_buf_gc
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
Definition buffer.c:89
alloc_buf
struct buffer alloc_buf(size_t size)
Definition buffer.c:63
gc_addspecial
void gc_addspecial(void *addr, void(*free_function)(void *), struct gc_arena *a)
Definition buffer.c:438
BSTR
#define BSTR(buf)
Definition buffer.h:128
buf_copy
static bool buf_copy(struct buffer *dest, const struct buffer *src)
Definition buffer.h:704
BPTR
#define BPTR(buf)
Definition buffer.h:123
buf_copy_excess
static bool buf_copy_excess(struct buffer *dest, struct buffer *src, int len)
Definition buffer.h:739
buf_write_prepend
static bool buf_write_prepend(struct buffer *dest, const void *src, int size)
Definition buffer.h:672
buf_reset
static void buf_reset(struct buffer *buf)
Definition buffer.h:303
buf_safe
static bool buf_safe(const struct buffer *buf, size_t len)
Definition buffer.h:518
buf_read
static bool buf_read(struct buffer *src, void *dest, int size)
Definition buffer.h:762
buf_advance
static bool buf_advance(struct buffer *buf, int size)
Definition buffer.h:616
buf_len
static int buf_len(const struct buffer *buf)
Definition buffer.h:253
buf_forward_capacity
static int buf_forward_capacity(const struct buffer *buf)
Definition buffer.h:539
ALLOC_OBJ_CLEAR_GC
#define ALLOC_OBJ_CLEAR_GC(dptr, type, gc)
Definition buffer.h:1089
BLEN
#define BLEN(buf)
Definition buffer.h:126
strncpynt
static void strncpynt(char *dest, const char *src, size_t maxlen)
Definition buffer.h:361
gc_free
static void gc_free(struct gc_arena *a)
Definition buffer.h:1025
ALLOC_OBJ_CLEAR
#define ALLOC_OBJ_CLEAR(dptr, type)
Definition buffer.h:1052
buf_defined
static bool buf_defined(const struct buffer *buf)
Definition buffer.h:228
buf_init
#define buf_init(buf, offset)
Definition buffer.h:209
gc_freeaddrinfo_callback
static void gc_freeaddrinfo_callback(void *addr)
Definition buffer.h:215
gc_new
static struct gc_arena gc_new(void)
Definition buffer.h:1017
buf_forward_capacity_total
static int buf_forward_capacity_total(const struct buffer *buf)
Definition buffer.h:557
dco_mp_start_vpn
void dco_mp_start_vpn(HANDLE handle, struct link_socket *sock)
Initializes and binds the kernel UDP transport socket for multipeer mode.
Definition dco_win.c:283
dco_p2p_new_peer
void dco_p2p_new_peer(HANDLE handle, OVERLAPPED *ov, struct link_socket *sock, struct signal_info *sig_info)
Definition dco_win.c:327
setenv_str
void setenv_str(struct env_set *es, const char *name, const char *value)
Definition env_set.c:307
D_WIN32_IO
#define D_WIN32_IO
Definition errlevel.h:172
D_STREAM_ERRORS
#define D_STREAM_ERRORS
Definition errlevel.h:62
D_SOCKET_DEBUG
#define D_SOCKET_DEBUG
Definition errlevel.h:139
D_STREAM_DEBUG
#define D_STREAM_DEBUG
Definition errlevel.h:171
D_INIT_MEDIUM
#define D_INIT_MEDIUM
Definition errlevel.h:103
D_READ_WRITE
#define D_READ_WRITE
Definition errlevel.h:166
D_OSBUF
#define D_OSBUF
Definition errlevel.h:90
D_LOW
#define D_LOW
Definition errlevel.h:96
M_INFO
#define M_INFO
Definition errlevel.h:54
D_LINK_ERRORS
#define D_LINK_ERRORS
Definition errlevel.h:56
EVENT_WRITE
#define EVENT_WRITE
Definition event.h:38
EVENT_READ
#define EVENT_READ
Definition event.h:37
EVENT_ARG_LINK_SOCKET
@ EVENT_ARG_LINK_SOCKET
Definition event.h:135
event_ctl
static void event_ctl(struct event_set *es, event_t event, unsigned int rwflags, void *arg)
Definition event.h:180
set_nonblock
void set_nonblock(socket_descriptor_t fd)
Definition fdmisc.c:68
set_cloexec
void set_cloexec(socket_descriptor_t fd)
Definition fdmisc.c:78
openvpn_fd_set
static void openvpn_fd_set(socket_descriptor_t fd, fd_set *setp)
Definition fdmisc.h:39
get_server_poll_remaining_time
int get_server_poll_remaining_time(struct event_timeout *server_poll_timeout)
Definition forward.c:504
forward.h
Interface functions to the internal and external multiplexers.
status
static SERVICE_STATUS status
Definition interactive.c:51
management_set_state
void management_set_state(struct management *man, const int state, const char *detail, const in_addr_t *tun_local_ip, const struct in6_addr *tun_local_ip6, const struct openvpn_sockaddr *local, const struct openvpn_sockaddr *remote)
Definition manage.c:2789
management_sleep
void management_sleep(const int n)
A sleep function that services the management layer for n seconds rather than doing nothing.
Definition manage.c:4140
OPENVPN_STATE_TCP_CONNECT
#define OPENVPN_STATE_TCP_CONNECT
Definition manage.h:461
alloc_buf_sock_tun
void alloc_buf_sock_tun(struct buffer *buf, const struct frame *frame)
Definition mtu.c:41
set_mtu_discover_type
void set_mtu_discover_type(socket_descriptor_t sd, int mtu_type, sa_family_t proto_af)
Definition mtu.c:218
CLEAR
#define CLEAR(x)
Definition basic.h:32
strerror_win32
const char * strerror_win32(DWORD errnum, struct gc_arena *gc)
Definition error.c:768
M_FATAL
#define M_FATAL
Definition error.h:90
M_NONFATAL
#define M_NONFATAL
Definition error.h:91
dmsg
#define dmsg(flags,...)
Definition error.h:172
M_ERR
#define M_ERR
Definition error.h:106
openvpn_errno
#define openvpn_errno()
Definition error.h:71
msg
#define msg(flags,...)
Definition error.h:152
msglvl_t
unsigned int msglvl_t
Definition error.h:77
ASSERT
#define ASSERT(x)
Definition error.h:219
M_WARN
#define M_WARN
Definition error.h:92
M_ERRNO
#define M_ERRNO
Definition error.h:95
CM_CHILD_TCP
#define CM_CHILD_TCP
Definition openvpn.h:486
CM_CHILD_UDP
#define CM_CHILD_UDP
Definition openvpn.h:485
MODE_POINT_TO_POINT
#define MODE_POINT_TO_POINT
Definition options.h:263
MODE_SERVER
#define MODE_SERVER
Definition options.h:264
streq
#define streq(x, y)
Definition options.h:728
dco_enabled
static bool dco_enabled(const struct options *o)
Returns whether the current configuration has dco enabled.
Definition options.h:997
plugin_defined
bool plugin_defined(const struct plugin_list *pl, const int type)
Definition plugin.c:904
plugin_call
static int plugin_call(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es)
Definition plugin.h:195
establish_http_proxy_passthru
bool establish_http_proxy_passthru(struct http_proxy_info *p, socket_descriptor_t sd, const char *host, const char *port, struct event_timeout *server_poll_timeout, struct buffer *lookahead, struct signal_info *sig_info)
Definition proxy.c:625
run_command.h
openvpn_run_script
static int openvpn_run_script(const struct argv *a, const struct env_set *es, const unsigned int flags, const char *hook)
Will run a script and return the exit code of the script if between 0 and 255, -1 otherwise.
Definition run_command.h:89
throw_signal_soft
void throw_signal_soft(const int signum, const char *signal_text)
Throw a soft global signal.
Definition sig.c:204
signal_reset
int signal_reset(struct signal_info *si, int signum)
Clear the signal if its current value equals signum.
Definition sig.c:262
throw_signal
void throw_signal(const int signum)
Throw a hard signal.
Definition sig.c:175
siginfo_static
struct signal_info siginfo_static
Definition sig.c:44
register_signal
void register_signal(struct signal_info *si, int signum, const char *signal_text)
Register a soft signal in the signal_info struct si respecting priority.
Definition sig.c:228
SIG_SOURCE_HARD
#define SIG_SOURCE_HARD
Definition sig.h:30
get_signal
static void get_signal(volatile int *sig)
Copy the global signal_received (if non-zero) to the passed-in argument sig.
Definition sig.h:109
link_socket_init_phase1
void link_socket_init_phase1(struct context *c, int sock_index, int mode)
Definition socket.c:1388
get_cached_dns_entry
static int get_cached_dns_entry(struct cached_dns_entry *dns_cache, const char *hostname, const char *servname, int ai_family, unsigned int resolve_flags, struct addrinfo **ai)
Definition socket.c:263
resolve_bind_local
static void resolve_bind_local(struct link_socket *sock, const sa_family_t af)
Definition socket.c:1208
socket_get_sndbuf
static int socket_get_sndbuf(socket_descriptor_t sd)
Definition socket.c:425
socket_set_sndbuf
static void socket_set_sndbuf(socket_descriptor_t sd, int size)
Definition socket.c:441
socket_listen_accept
static socket_descriptor_t socket_listen_accept(socket_descriptor_t sd, struct link_socket_actual *act, const char *remote_dynamic, const struct addrinfo *local, bool do_listen, bool nowait, volatile int *signal_received)
Definition socket.c:869
link_socket_init_phase2
void link_socket_init_phase2(struct context *c, struct link_socket *sock)
Definition socket.c:1731
socket_send_queue
int socket_send_queue(struct link_socket *sock, struct buffer *buf, const struct link_socket_actual *to)
Definition socket.c:2682
ipchange_fmt
static void ipchange_fmt(const bool include_cmd, struct argv *argv, const struct link_socket_info *info, struct gc_arena *gc)
Definition socket.c:1910
socket_get_last_error
static int socket_get_last_error(const struct link_socket *sock)
Definition socket.c:2570
link_socket_write_tcp
ssize_t link_socket_write_tcp(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
Definition socket.c:2466
link_socket_update_buffer_sizes
void link_socket_update_buffer_sizes(struct link_socket *sock, int rcvbuf, int sndbuf)
Definition socket.c:567
create_socket_udp
static socket_descriptor_t create_socket_udp(struct addrinfo *addrinfo, const unsigned int flags)
Definition socket.c:615
phase2_tcp_server
static void phase2_tcp_server(struct link_socket *sock, const char *remote_dynamic, struct signal_info *sig_info)
Definition socket.c:1580
create_socket
static void create_socket(struct link_socket *sock, struct addrinfo *addr)
Definition socket.c:687
link_socket_current_remote_ipv6
const struct in6_addr * link_socket_current_remote_ipv6(const struct link_socket_info *info)
Definition socket.c:2045
set_actual_address
void set_actual_address(struct link_socket_actual *actual, struct addrinfo *ai)
Definition socket.c:1100
socket_set_rcvbuf
static bool socket_set_rcvbuf(socket_descriptor_t sd, int size)
Definition socket.c:468
stream_buf_set_next
static void stream_buf_set_next(struct stream_buf *sb)
Definition socket.c:2139
socket_stat
const char * socket_stat(const struct link_socket *s, unsigned int rwflags, struct gc_arena *gc)
Definition socket.c:2078
do_preresolve_host
static int do_preresolve_host(struct context *c, const char *hostname, const char *servname, const int af, const unsigned int flags)
Definition socket.c:286
bad_address_length
void bad_address_length(int actual, int expected)
Definition socket.c:2284
stream_buf_added
static bool stream_buf_added(struct stream_buf *sb, int length_added)
Definition socket.c:2187
socket_listen_event_handle
event_t socket_listen_event_handle(struct link_socket *s)
Definition socket.c:2265
sd_close
void sd_close(socket_descriptor_t *sd)
Definition socket.c:3001
linksock_print_addr
static void linksock_print_addr(struct link_socket *sock)
Definition socket.c:1543
socket_set_mark
static void socket_set_mark(socket_descriptor_t sd, int mark)
Definition socket.c:528
stream_buf_close
static void stream_buf_close(struct stream_buf *sb)
Definition socket.c:2254
stream_buf_get_final
static void stream_buf_get_final(struct stream_buf *sb, struct buffer *buf)
Definition socket.c:2152
socket_connect
static void socket_connect(socket_descriptor_t *sd, const struct sockaddr *dest, const int connect_timeout, struct signal_info *sig_info)
Definition socket.c:1120
bind_local
static void bind_local(struct link_socket *sock, const sa_family_t ai_family)
Definition socket.c:669
stream_buf_read_setup_dowork
bool stream_buf_read_setup_dowork(struct link_socket *sock)
Definition socket.c:2168
phase2_socks_client
static void phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1649
socket_set_tcp_nodelay
static bool socket_set_tcp_nodelay(socket_descriptor_t sd, int state)
Definition socket.c:508
get_addr_generic
static int get_addr_generic(sa_family_t af, unsigned int flags, const char *hostname, void *network, unsigned int *netbits, int resolve_retry_seconds, struct signal_info *sig_info, msglvl_t msglevel)
Definition socket.c:84
socket_do_accept
socket_descriptor_t socket_do_accept(socket_descriptor_t sd, struct link_socket_actual *act, const bool nowait)
Definition socket.c:794
socket_do_listen
static void socket_do_listen(socket_descriptor_t sd, const struct addrinfo *local, bool do_listen, bool do_set_nonblock)
Definition socket.c:769
socket_recv_queue
int socket_recv_queue(struct link_socket *sock, int maxsize)
Definition socket.c:2581
link_socket_close
void link_socket_close(struct link_socket *sock)
Definition socket.c:1852
get_ipv6_addr
bool get_ipv6_addr(const char *hostname, struct in6_addr *network, unsigned int *netbits, msglvl_t msglevel)
Translate an IPv6 addr or hostname from string form to in6_addr.
Definition socket.c:229
link_socket_connection_initiated
void link_socket_connection_initiated(struct link_socket_info *info, const struct link_socket_actual *act, const char *common_name, struct env_set *es)
Definition socket.c:1926
socket_set_buffers
void socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs, bool reduce_size)
Sets the receive and send buffer sizes of a socket descriptor.
Definition socket.c:481
streqnull
static bool streqnull(const char *a, const char *b)
Definition socket.c:242
phase2_set_socket_flags
static void phase2_set_socket_flags(struct link_socket *sock)
Definition socket.c:1524
resolve_remote
static void resolve_remote(struct link_socket *sock, int phase, const char **remote_dynamic, struct signal_info *sig_info)
Definition socket.c:1258
link_socket_bad_outgoing_addr
void link_socket_bad_outgoing_addr(void)
Definition socket.c:2005
sockethandle_finalize
int sockethandle_finalize(sockethandle_t sh, struct overlapped_io *io, struct buffer *buf, struct link_socket_actual *from)
Definition socket.c:2874
link_socket_current_remote
in_addr_t link_socket_current_remote(const struct link_socket_info *info)
Definition socket.c:2011
socket_get_rcvbuf
static int socket_get_rcvbuf(socket_descriptor_t sd)
Definition socket.c:452
link_socket_read_tcp
int link_socket_read_tcp(struct link_socket *sock, struct buffer *buf)
Definition socket.c:2296
openvpn_connect
int openvpn_connect(socket_descriptor_t sd, const struct sockaddr *remote, int connect_timeout, volatile int *signal_received)
Definition socket.c:1007
socket_set
unsigned int socket_set(struct link_socket *s, struct event_set *es, unsigned int rwflags, void *arg, unsigned int *persistent)
Definition socket.c:2967
sf2gaf
static unsigned int sf2gaf(const unsigned int getaddr_flags, const unsigned int sockflags)
Definition socket.c:63
do_preresolve
void do_preresolve(struct context *c)
Definition socket.c:330
link_socket_bad_incoming_addr
void link_socket_bad_incoming_addr(struct buffer *buf, const struct link_socket_info *info, const struct link_socket_actual *from_addr)
Definition socket.c:1978
phase2_tcp_client
static void phase2_tcp_client(struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1614
socket_bind
void socket_bind(socket_descriptor_t sd, struct addrinfo *local, int ai_family, const char *prefix, bool ipv6only)
Definition socket.c:957
create_socket_tcp
socket_descriptor_t create_socket_tcp(struct addrinfo *addrinfo)
Definition socket.c:583
socket_frame_init
static void socket_frame_init(const struct frame *frame, struct link_socket *sock)
Definition socket.c:1179
stream_buf_reset
static void stream_buf_reset(struct stream_buf *sb)
Definition socket.c:2111
stream_buf_get_next
static void stream_buf_get_next(struct stream_buf *sb, struct buffer *buf)
Definition socket.c:2160
create_socket_dco_win
static void create_socket_dco_win(struct context *c, struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1683
tcp_connection_established
static void tcp_connection_established(const struct link_socket_actual *act)
Definition socket.c:857
socket_set_flags
static bool socket_set_flags(socket_descriptor_t sd, unsigned int sockflags)
Definition socket.c:539
link_socket_new
struct link_socket * link_socket_new(void)
Definition socket.c:1374
read_sockaddr_from_packet
static int read_sockaddr_from_packet(struct buffer *buf, struct sockaddr *dst)
Extracts a sockaddr from a packet payload.
Definition socket.c:2833
sockets_read_residual
bool sockets_read_residual(const struct context *c)
Definition socket.c:45
getaddr
in_addr_t getaddr(unsigned int flags, const char *hostname, int resolve_retry_seconds, bool *succeeded, struct signal_info *sig_info)
Translate an IPv4 addr or hostname from string form to in_addr_t.
Definition socket.c:202
setenv_trusted
void setenv_trusted(struct env_set *es, const struct link_socket_info *info)
Definition socket.c:1904
read_sockaddr_from_overlapped
void read_sockaddr_from_overlapped(struct overlapped_io *io, struct sockaddr *dst, int overlapped_ret)
Definition socket.c:2783
link_socket_update_flags
bool link_socket_update_flags(struct link_socket *sock, unsigned int sockflags)
Definition socket.c:553
stream_buf_init
static void stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags, const int proto)
Definition socket.c:2121
socket_event_handle
static event_t socket_event_handle(const struct link_socket *sock)
Definition socket.h:768
IPV4_INVALID_ADDR
#define IPV4_INVALID_ADDR
Definition socket.h:357
SocketHandleGetOverlappedResult
static BOOL SocketHandleGetOverlappedResult(sockethandle_t sh, struct overlapped_io *io)
Definition socket.h:270
LS_MODE_TCP_ACCEPT_FROM
#define LS_MODE_TCP_ACCEPT_FROM
Definition socket.h:181
SF_DCO_WIN
#define SF_DCO_WIN
Definition socket.h:196
link_socket_connection_oriented
static bool link_socket_connection_oriented(const struct link_socket *sock)
Definition socket.h:409
stream_buf_read_setup
static bool stream_buf_read_setup(struct link_socket *sock)
Definition socket.h:534
SocketHandleSetLastError
static void SocketHandleSetLastError(sockethandle_t sh, DWORD err)
Definition socket.h:284
SocketHandleGetLastError
static int SocketHandleGetLastError(sockethandle_t sh)
Definition socket.h:278
SocketHandleSetInvalError
static void SocketHandleSetInvalError(sockethandle_t sh)
Definition socket.h:290
SF_TCP_NODELAY
#define SF_TCP_NODELAY
Definition socket.h:192
RESOLV_RETRY_INFINITE
#define RESOLV_RETRY_INFINITE
Definition socket.h:48
SF_USE_IP_PKTINFO
#define SF_USE_IP_PKTINFO
Definition socket.h:191
LS_MODE_DEFAULT
#define LS_MODE_DEFAULT
Definition socket.h:179
MSG_NOSIGNAL
#define MSG_NOSIGNAL
Definition socket.h:243
packet_size_type
uint16_t packet_size_type
Definition socket.h:56
socket_is_dco_win
static bool socket_is_dco_win(const struct link_socket *s)
Returns true if we are on Windows and this link is running on DCO-WIN.
Definition socket.h:552
SF_HOST_RANDOMIZE
#define SF_HOST_RANDOMIZE
Definition socket.h:194
SF_GETADDRINFO_DGRAM
#define SF_GETADDRINFO_DGRAM
Definition socket.h:195
LS_MODE_TCP_LISTEN
#define LS_MODE_TCP_LISTEN
Definition socket.h:180
SF_PORT_SHARE
#define SF_PORT_SHARE
Definition socket.h:193
ntohps
#define ntohps(x)
Definition socket.h:62
openvpn_select
static int openvpn_select(socket_descriptor_t nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout)
Definition socket.h:299
link_socket_write_win32
static int link_socket_write_win32(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
Definition socket.h:626
SF_PKTINFO_COPY_IIF
#define SF_PKTINFO_COPY_IIF
Definition socket.h:198
openvpn_close_socket
#define openvpn_close_socket(s)
Definition socket.h:248
htonps
#define htonps(x)
Definition socket.h:59
openvpn_bind
static int openvpn_bind(socket_descriptor_t sockfd, const struct sockaddr *addr, size_t addrlen)
Definition socket.h:314
proto2ascii
const char * proto2ascii(int proto, sa_family_t af, bool display_form)
Definition socket_util.c:409
openvpn_getaddrinfo
int openvpn_getaddrinfo(unsigned int flags, const char *hostname, const char *servname, int resolve_retry_seconds, struct signal_info *sig_info, int ai_family, struct addrinfo **res)
Definition socket_util.c:537
print_sockaddr_ex
const char * print_sockaddr_ex(const struct sockaddr *sa, const char *separator, const unsigned int flags, struct gc_arena *gc)
Definition socket_util.c:38
setenv_link_socket_actual
void setenv_link_socket_actual(struct env_set *es, const char *name_prefix, const struct link_socket_actual *act, const unsigned int flags)
Definition socket_util.c:344
print_link_socket_actual
const char * print_link_socket_actual(const struct link_socket_actual *act, struct gc_arena *gc)
Definition socket_util.c:117
print_link_socket_actual_ex
const char * print_link_socket_actual_ex(const struct link_socket_actual *act, const char *separator, const unsigned int flags, struct gc_arena *gc)
Definition socket_util.c:127
addr_family_name
const char * addr_family_name(int af)
Definition socket_util.c:446
print_sockaddr
static const char * print_sockaddr(const struct sockaddr *addr, struct gc_arena *gc)
Definition socket_util.h:77
GETADDR_CACHE_MASK
#define GETADDR_CACHE_MASK
Definition socket_util.h:130
link_socket_actual_defined
static bool link_socket_actual_defined(const struct link_socket_actual *act)
Definition socket_util.h:328
GETADDR_TRY_ONCE
#define GETADDR_TRY_ONCE
Definition socket_util.h:124
SA_IP_PORT
#define SA_IP_PORT
Definition socket_util.h:99
GETADDR_PASSIVE
#define GETADDR_PASSIVE
Definition socket_util.h:127
proto_is_udp
static bool proto_is_udp(int proto)
Returns if the protocol being used is UDP.
Definition socket_util.h:195
GETADDR_FATAL
#define GETADDR_FATAL
Definition socket_util.h:118
GETADDR_UPDATE_MANAGEMENT_STATE
#define GETADDR_UPDATE_MANAGEMENT_STATE
Definition socket_util.h:125
addr_local
static bool addr_local(const struct sockaddr *addr)
Definition socket_util.h:254
PS_SHOW_PORT
#define PS_SHOW_PORT
Definition socket_util.h:31
PROTO_UDP
@ PROTO_UDP
Definition socket_util.h:177
PROTO_TCP_CLIENT
@ PROTO_TCP_CLIENT
Definition socket_util.h:180
PROTO_TCP_SERVER
@ PROTO_TCP_SERVER
Definition socket_util.h:179
GETADDR_HOST_ORDER
#define GETADDR_HOST_ORDER
Definition socket_util.h:119
PS_SHOW_PORT_IF_DEFINED
#define PS_SHOW_PORT_IF_DEFINED
Definition socket_util.h:30
GETADDR_RANDOMIZE
#define GETADDR_RANDOMIZE
Definition socket_util.h:126
GETADDR_DATAGRAM
#define GETADDR_DATAGRAM
Definition socket_util.h:128
proto_is_tcp
static bool proto_is_tcp(int proto)
returns if the proto is a TCP variant (tcp-server, tcp-client or tcp)
Definition socket_util.h:215
addr_zero_host
static void addr_zero_host(struct openvpn_sockaddr *addr)
Definition socket_util.h:450
proto_is_dgram
static bool proto_is_dgram(int proto)
Return if the protocol is datagram (UDP)
Definition socket_util.h:206
af_addr_size
static int af_addr_size(sa_family_t af)
Definition socket_util.h:465
GETADDR_RESOLVE
#define GETADDR_RESOLVE
Definition socket_util.h:117
GETADDR_MENTION_RESOLVE_RETRY
#define GETADDR_MENTION_RESOLVE_RETRY
Definition socket_util.h:120
GETADDR_WARN_ON_SIGNAL
#define GETADDR_WARN_ON_SIGNAL
Definition socket_util.h:122
addrlist_match
static bool addrlist_match(const struct openvpn_sockaddr *a1, const struct addrinfo *addrlist)
Definition socket_util.h:349
establish_socks_proxy_passthru
void establish_socks_proxy_passthru(struct socks_proxy_info *p, socket_descriptor_t sd, const char *host, const char *servname, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
Definition socks.c:338
establish_socks_proxy_udpassoc
void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, struct openvpn_sockaddr *relay_addr, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
Definition socks.c:396
argv
Definition argv.h:35
buffer
Wrapper structure for dynamically allocated memory.
Definition buffer.h:60
buffer::len
int len
Length in bytes of the actual content within the allocated memory.
Definition buffer.h:65
buffer::offset
int offset
Offset in bytes of the actual content within the allocated memory.
Definition buffer.h:63
cached_dns_entry
Definition socket.h:66
cached_dns_entry::hostname
const char * hostname
Definition socket.h:67
cached_dns_entry::ai_family
int ai_family
Definition socket.h:69
cached_dns_entry::servname
const char * servname
Definition socket.h:68
cached_dns_entry::flags
unsigned int flags
Definition socket.h:70
cached_dns_entry::ai
struct addrinfo * ai
Definition socket.h:71
cached_dns_entry::next
struct cached_dns_entry * next
Definition socket.h:72
connection_entry
Definition options.h:107
connection_entry::local_list
struct local_list * local_list
Definition options.h:108
connection_entry::bind_local
bool bind_local
Definition options.h:118
connection_entry::remote
const char * remote
Definition options.h:114
connection_entry::socks_proxy_port
const char * socks_proxy_port
Definition options.h:124
connection_entry::http_proxy_options
struct http_proxy_options * http_proxy_options
Definition options.h:122
connection_entry::bind_ipv6_only
bool bind_ipv6_only
Definition options.h:117
connection_entry::remote_float
bool remote_float
Definition options.h:115
connection_entry::remote_port
const char * remote_port
Definition options.h:113
connection_entry::socks_proxy_server
const char * socks_proxy_server
Definition options.h:123
connection_entry::mtu_discover_type
int mtu_discover_type
Definition options.h:139
connection_entry::proto
int proto
Definition options.h:109
connection_entry::af
sa_family_t af
Definition options.h:110
connection_entry::flags
unsigned int flags
Definition options.h:162
connection_list
Definition options.h:200
connection_list::array
struct connection_entry ** array
Definition options.h:204
connection_list::len
int len
Definition options.h:202
context_1::link_socket_addrs
struct link_socket_addr * link_socket_addrs
Local and remote addresses on the external network.
Definition openvpn.h:159
context_1::link_sockets_num
int link_sockets_num
Definition openvpn.h:158
context_1::http_proxy
struct http_proxy_info * http_proxy
Definition openvpn.h:189
context_1::socks_proxy
struct socks_proxy_info * socks_proxy
Definition openvpn.h:193
context_1::dns_cache
struct cached_dns_entry * dns_cache
Definition openvpn.h:167
context_1::tuntap
struct tuntap * tuntap
Tun/tap virtual network interface.
Definition openvpn.h:172
context_2::server_poll_interval
struct event_timeout server_poll_interval
Definition openvpn.h:408
context_2::accept_from
const struct link_socket * accept_from
Definition openvpn.h:242
context_2::frame
struct frame frame
Definition openvpn.h:248
context_2::link_sockets
struct link_socket ** link_sockets
Definition openvpn.h:237
context
Contains all state information for one tunnel.
Definition openvpn.h:474
context::mode
int mode
Role of this context within the OpenVPN process.
Definition openvpn.h:487
context::sig
struct signal_info * sig
Internal error signaling object.
Definition openvpn.h:503
context::plugins
struct plugin_list * plugins
List of plug-ins.
Definition openvpn.h:505
context::c2
struct context_2 c2
Level 2 context.
Definition openvpn.h:517
context::options
struct options options
Options loaded from command line or configuration file.
Definition openvpn.h:475
context::gc
struct gc_arena gc
Garbage collection arena for allocations done in the scope of this context structure.
Definition openvpn.h:495
context::c1
struct context_1 c1
Level 1 context.
Definition openvpn.h:516
env_set
Definition env_set.h:43
event_arg::sock
struct link_socket * sock
Definition event.h:145
event_arg::u
union event_arg::@1 u
event_arg::type
event_arg_t type
Definition event.h:141
event_set
Definition event.h:128
frame
Packet geometry parameters.
Definition mtu.h:103
gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:116
http_proxy_info::options
struct http_proxy_options options
Definition proxy.h:70
http_proxy_options::port
const char * port
Definition proxy.h:47
http_proxy_options::server
const char * server
Definition proxy.h:46
link_socket_actual
Definition socket_util.h:50
link_socket_actual::dest
struct openvpn_sockaddr dest
Definition socket_util.h:53
link_socket_addr
Definition socket.h:77
link_socket_addr::actual
struct link_socket_actual actual
Definition socket.h:82
link_socket_addr::remote_list
struct addrinfo * remote_list
Definition socket.h:79
link_socket_addr::bind_local
struct addrinfo * bind_local
Definition socket.h:78
link_socket_addr::current_remote
struct addrinfo * current_remote
Definition socket.h:80
link_socket_info
Definition socket.h:86
link_socket_info::connection_established
bool connection_established
Definition socket.h:88
link_socket_info::af
sa_family_t af
Definition socket.h:93
link_socket_info::lsa
struct link_socket_addr * lsa
Definition socket.h:87
link_socket_info::ipchange_command
const char * ipchange_command
Definition socket.h:89
link_socket_info::remote_float
bool remote_float
Definition socket.h:91
link_socket_info::plugins
const struct plugin_list * plugins
Definition socket.h:90
link_socket_info::proto
uint8_t proto
Definition socket.h:92
link_socket_info::bind_ipv6_only
bool bind_ipv6_only
Definition socket.h:94
link_socket
Definition socket.h:148
link_socket::server_poll_timeout
struct event_timeout * server_poll_timeout
Definition socket.h:221
link_socket::remote_host
const char * remote_host
Definition socket.h:172
link_socket::rwflags_debug
unsigned int rwflags_debug
Definition socket.h:167
link_socket::socket_buffer_sizes
struct socket_buffer_size socket_buffer_sizes
Definition socket.h:187
link_socket::socks_relay
struct link_socket_actual socks_relay
Definition socket.h:213
link_socket::listen_handle
struct rw_handle listen_handle
Definition socket.h:163
link_socket::info
struct link_socket_info info
Definition socket.h:149
link_socket::remote_port
const char * remote_port
Definition socket.h:173
link_socket::bind_local
bool bind_local
Definition socket.h:177
link_socket::local_host
const char * local_host
Definition socket.h:174
link_socket::proxy_dest_port
const char * proxy_dest_port
Definition socket.h:217
link_socket::mark
int mark
Definition socket.h:200
link_socket::local_port
const char * local_port
Definition socket.h:175
link_socket::rw_handle
struct rw_handle rw_handle
Definition socket.h:162
link_socket::writes
struct overlapped_io writes
Definition socket.h:161
link_socket::mtu_discover_type
int mtu_discover_type
Definition socket.h:185
link_socket::sockflags
unsigned int sockflags
Definition socket.h:199
link_socket::ctrl_sd
socket_descriptor_t ctrl_sd
Definition socket.h:157
link_socket::stream_buf
struct stream_buf stream_buf
Definition socket.h:204
link_socket::mode
int mode
Definition socket.h:182
link_socket::socks_proxy
struct socks_proxy_info * socks_proxy
Definition socket.h:212
link_socket::bind_dev
const char * bind_dev
Definition socket.h:201
link_socket::resolve_retry_seconds
int resolve_retry_seconds
Definition socket.h:184
link_socket::proxy_dest_host
const char * proxy_dest_host
Definition socket.h:216
link_socket::http_proxy
struct http_proxy_info * http_proxy
Definition socket.h:209
link_socket::dns_cache
struct cached_dns_entry * dns_cache
Definition socket.h:176
link_socket::stream_buf_data
struct buffer stream_buf_data
Definition socket.h:205
link_socket::ev_arg
struct event_arg ev_arg
this struct will store a pointer to either mi or link_socket, depending on the event type,...
Definition socket.h:151
link_socket::sd
socket_descriptor_t sd
Definition socket.h:156
link_socket::stream_reset
bool stream_reset
Definition socket.h:206
link_socket::reads
struct overlapped_io reads
Definition socket.h:160
local_entry
Definition options.h:100
local_entry::port
const char * port
Definition options.h:102
local_entry::proto
int proto
Definition options.h:103
local_entry::local
const char * local
Definition options.h:101
local_list::array
struct local_entry ** array
Definition options.h:196
local_list::len
int len
Definition options.h:195
management::connection
struct man_connection connection
Definition manage.h:335
openvpn_sockaddr
Definition socket_util.h:38
openvpn_sockaddr::addr
union openvpn_sockaddr::@27 addr
openvpn_sockaddr::sa
struct sockaddr sa
Definition socket_util.h:42
openvpn_sockaddr::in4
struct sockaddr_in in4
Definition socket_util.h:43
openvpn_sockaddr::in6
struct sockaddr_in6 in6
Definition socket_util.h:44
options::resolve_retry_seconds
int resolve_retry_seconds
Definition options.h:366
options::rcvbuf
int rcvbuf
Definition options.h:415
options::ip_remote_hint
const char * ip_remote_hint
Definition options.h:368
options::msg_channel
HANDLE msg_channel
Definition options.h:696
options::ce
struct connection_entry ce
Definition options.h:293
options::ipchange
const char * ipchange
Definition options.h:320
options::mode
int mode
Definition options.h:265
options::bind_dev
char * bind_dev
Definition options.h:420
options::sndbuf
int sndbuf
Definition options.h:416
options::mark
int mark
Definition options.h:419
options::sockflags
unsigned int sockflags
Definition options.h:423
options::dev_node
const char * dev_node
Definition options.h:323
overlapped_io
Definition win32.h:204
overlapped_io::flags
DWORD flags
Definition win32.h:211
overlapped_io::buf
struct buffer buf
Definition win32.h:221
overlapped_io::size
DWORD size
Definition win32.h:210
overlapped_io::overlapped
OVERLAPPED overlapped
Definition win32.h:209
overlapped_io::buf_init
struct buffer buf_init
Definition win32.h:220
overlapped_io::addrlen
int addrlen
Definition win32.h:219
overlapped_io::addr_defined
bool addr_defined
Definition win32.h:213
overlapped_io::iostate
int iostate
Definition win32.h:208
overlapped_io::addr6
struct sockaddr_in6 addr6
Definition win32.h:217
overlapped_io::addr
struct sockaddr_in addr
Definition win32.h:216
overlapped_io::status
int status
Definition win32.h:212
rw_handle
Definition win32.h:80
rw_handle::write
HANDLE write
Definition win32.h:82
rw_handle::read
HANDLE read
Definition win32.h:81
signal_info
Definition sig.h:41
signal_info::signal_text
const char * signal_text
Definition sig.h:44
signal_info::signal_received
volatile int signal_received
Definition sig.h:42
signal_info::source
volatile int source
Definition sig.h:43
socket_buffer_size
Definition socket.h:127
socket_buffer_size::sndbuf
int sndbuf
Definition socket.h:129
socket_buffer_size::rcvbuf
int rcvbuf
Definition socket.h:128
sockethandle_t
Definition socket.h:256
sockethandle_t::s
SOCKET s
Definition socket.h:259
sockethandle_t::is_handle
bool is_handle
Definition socket.h:262
sockethandle_t::prepend_sa
bool prepend_sa
Definition socket.h:263
socks_proxy_info::server
char server[128]
Definition socks.h:40
socks_proxy_info::port
const char * port
Definition socks.h:41
stream_buf
Definition socket.h:103
stream_buf::buf
struct buffer buf
Definition socket.h:109
stream_buf::residual
struct buffer residual
Definition socket.h:105
stream_buf::residual_fully_formed
bool residual_fully_formed
Definition socket.h:107
stream_buf::maxlen
int maxlen
Definition socket.h:106
tuntap_options::msg_channel
HANDLE msg_channel
Definition tun.h:88
tuntap
Definition tun.h:183
tuntap::backend_driver
enum tun_driver_type backend_driver
The backend driver that used for this tun/tap device.
Definition tun.h:193
tuntap::dco_new_peer_ov
OVERLAPPED dco_new_peer_ov
Definition tun.h:220
tuntap::options
struct tuntap_options options
Definition tun.h:205
tuntap::hand
HANDLE hand
Definition tun.h:218
SIGHUP
#define SIGHUP
Definition syshead.h:55
sa_family_t
unsigned short sa_family_t
Definition syshead.h:409
SOCKET_UNDEFINED
#define SOCKET_UNDEFINED
Definition syshead.h:443
SIGTERM
#define SIGTERM
Definition syshead.h:59
SOL_IP
#define SOL_IP
Definition syshead.h:402
socket_descriptor_t
SOCKET socket_descriptor_t
Definition syshead.h:445
SIGUSR1
#define SIGUSR1
Definition syshead.h:57
in_addr_t
uint32_t in_addr_t
Definition syshead.h:52
socket_defined
static int socket_defined(const socket_descriptor_t sd)
Definition syshead.h:453
ENABLE_IP_PKTINFO
#define ENABLE_IP_PKTINFO
Definition syshead.h:394
es
struct env_set * es
Definition test_pkcs11.c:138
gc
struct gc_arena gc
Definition test_ssl.c:131
tun_open_device
void tun_open_device(struct tuntap *tt, const char *dev_node, const char **device_guid, struct gc_arena *gc)
Definition tun.c:6035
DRIVER_DCO
@ DRIVER_DCO
Definition tun.h:53
init_net_event_win32
void init_net_event_win32(struct rw_handle *event, long network_events, socket_descriptor_t sd, unsigned int flags)
Definition win32.c:219
overlapped_io_init
void overlapped_io_init(struct overlapped_io *o, const struct frame *frame, BOOL event_state)
Definition win32.c:169
close_net_event_win32
void close_net_event_win32(struct rw_handle *event, socket_descriptor_t sd, unsigned int flags)
Definition win32.c:274
overlapped_io_state_ascii
char * overlapped_io_state_ascii(const struct overlapped_io *o)
Definition win32.c:198
overlapped_io_close
void overlapped_io_close(struct overlapped_io *o)
Definition win32.c:185
defined_net_event_win32
static bool defined_net_event_win32(const struct rw_handle *event)
Definition win32.h:93
IOSTATE_IMMEDIATE_RETURN
#define IOSTATE_IMMEDIATE_RETURN
Definition win32.h:207
IOSTATE_INITIAL
#define IOSTATE_INITIAL
Definition win32.h:205
IOSTATE_QUEUED
#define IOSTATE_QUEUED
Definition win32.h:206
Generated by doxygen 1.9.8